Vulnerability Description
WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking".
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Web-App.Org | Webapp | 0.9.9 |
References
- http://osvdb.org/33299
- http://secunia.com/advisories/24080Vendor Advisory
- http://www.securityfocus.com/bid/22563PatchVendor Advisory
- http://www.vupen.com/english/advisories/2007/0604
- http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
- http://osvdb.org/33299
- http://secunia.com/advisories/24080Vendor Advisory
- http://www.securityfocus.com/bid/22563PatchVendor Advisory
- http://www.vupen.com/english/advisories/2007/0604
- http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250
FAQ
What is CVE-2007-1188?
CVE-2007-1188 is a vulnerability with a CVSS score of 7.5 (HIGH). WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking".
How severe is CVE-2007-1188?
CVE-2007-1188 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1188?
Check the references section above for vendor advisories and patch information. Affected products include: Web-App.Org Webapp.