CVE-2007-3421 Information

Description

The (1) login (2) admin profile edit (3) reminder (4) edit profile (5) profile view (6) gallery view (7) gallery comment and (8) gallery feedback capabilities in web-app.org WebAPP before 0.9.9.7 do not verify presence of users in memberlist.dat which has unknown impact and remote attack vectors.

Reference

http://osvdb.org/45402 http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458 http://www.web-app.org/downloads/WebAPPv0.9.9.7.zip