3 matches found
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the administration of 1 polls, 2 profiles, 3 IP bans, and 4 forums in a web-app.org WebAPP 0.8 through 0.9.9.6; and b web-app.net WebAPP 0.9.9.3.3, 0.9.9.3.4, and 2007; allow remote attackers to perform deletions as administrators...
Code injection
Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying...
CVE-2007-1830
Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying...