CVE-2007-1489

Web-app.org Webapp - CSRF

Title source: rule

Description

Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vulnerability.

References (6)

[Third Party Advisory, VDB Entry] http://osvdb.org/33273

[Vendor Advisory] http://secunia.com/advisories/24540

[Third Party Advisory] http://www.attrition.org/pipermail/vim/2007-March/001446.html

[Patch] http://www.web-app.org/cgi-bin/index.cgi?action=downloadinfo&cat=crip&id=2

[Various Sources] http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=256

[Various Sources] http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=259

Scores

EPSS 0.0067

EPSS Percentile 71.0%

Classification

CWE

CWE-352

Status draft

Affected Products (3)

web-app.org/webapp

web-app.org/webapp

web-app.org/webapp

Timeline

Published Mar 16, 2007

Tracked Since Feb 18, 2026