Web-app.org : Security Vulnerabilities, CVEs, Published In 2007 (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2) profiles, (3) IP bans, and (4) forums in (a) web-app.org WebAPP 0.8 through 0.9.9.6; and (b) web-app.net WebAPP 0.9.9.3.3, 0.9.9.3.4, and 2007; allow remote attackers to perform deletions as administrators.
Max CVSS
5.0
EPSS Score
0.18%
Published
2007-06-26
Updated
2017-07-29
Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vulnerability.
Max CVSS
6.8
EPSS Score
0.51%
Published
2007-03-16
Updated
2008-11-23
WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown impact.
Max CVSS
4.3
EPSS Score
0.35%
Published
2007-03-02
Updated
2011-03-08
3 vulnerabilities found