VYPR

Webgui

by Webgui

CVEs (4)

  • CVE-2009-4877May 26, 2010
    risk 0.00cvss epss 0.01

    Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI before 7.7.14 allow remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.

  • CVE-2008-4798Oct 30, 2008
    risk 0.00cvss epss 0.04

    The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 (stable) allows remote attackers to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL.

  • CVE-2008-0940Feb 25, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.4.24 allows remote attackers to inject arbitrary web script or HTML when creating a username, a different vulnerability than CVE-2007-0407.

  • CVE-2006-0165Jan 11, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 (gamma) allows remote attackers to inject arbitrary Javascript via the (1) url and (2) name field of the default email form.