CVE-2007-3419

CVE-2007-3419 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.

Learn more about our Web App Pen Testing.