Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
web-app.org WebAPP远程攻击漏洞
Vulnerability Description
web-app.org WebAPP 0.9.9.7之前版本的cgi-bin/cgi-lib/user.pl中的editprofile3函数没有在保存成员的资料设置前正确的验证(1)themes.dat;(2)languages.dat;(3)profession.dat;(4)gen.dat;(5)marstat.dat;(6)states.dat和(7) ages.dat文件,这会造成未知影响和远程攻击向量。
CVSS Information
N/A
Vulnerability Type
N/A