exploitDog

CVE-2007-1489

Опубликовано: 16 мар. 2007

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:web-app.org:webapp:0.9.9.4:*:*:*:*:*:*:*

cpe:2.3:a:web-app.org:webapp:0.9.9.5:*:*:*:*:*:*:*

cpe:2.3:a:web-app.org:webapp:0.9.9.6:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00671

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-5vwr-m7xp-xfcp

github

почти 4 года назад

Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vulnerability.

EPSS

Процентиль: 71%

0.00671

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352