Lucene search

K
cve[email protected]CVE-2007-1489
HistoryMar 16, 2007 - 9:19 p.m.

CVE-2007-1489

2007-03-1621:19:00
CWE-352
web.nvd.nist.gov
24
cve-2007-1489
webapp
remote attackers
admin access
csrf vulnerability

6.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.7%

Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing “certain consecutive actions,” possibly due to a cross-site request forgery (CSRF) vulnerability.

Affected configurations

NVD
Node
web-app.orgwebappMatch0.9.9.4
OR
web-app.orgwebappMatch0.9.9.5
OR
web-app.orgwebappMatch0.9.9.6

6.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.7%

Related for CVE-2007-1489