CVE-2007-3421

high

Description

The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, (5) profile view, (6) gallery view, (7) gallery comment, and (8) gallery feedback capabilities in web-app.org WebAPP before 0.9.9.7 do not verify presence of users in memberlist.dat, which has unknown impact and remote attack vectors.

References

http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip

http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458

http://osvdb.org/45402

Details

Source: Mitre, NVD

Published: 2007-06-26

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00334