CVE-2007-3421
The (1) login, (2) admin profile edit, (3) reminder, (4) edit profile, (5) profile view, (6) gallery view, (7) gallery comment, and (8) gallery feedback capabilities in web-app.org WebAPP before 0.9.9.7 do not verify presence of users in memberlist.dat, which has unknown impact and remote attack vectors.
Date published : 2007-06-26
http://www.web-app.org/cgi-bin/index.cgi?action=forum&board=how_to&op=display&num=9458