CVE-2007-0308

Plain Black WebGUI is affected by CVE-2007-0308: an XSS in Wiki Page titles allows remote injection of script/HTML. Affected product/version: Plain Black WebGUI before 7.3.4 (beta). Root cause: improper handling of Wiki Page titles leads to script injection. Impact per sources: client-side script...

CVE-2007-0308

Cross-site scripting XSS vulnerability in Plain Black WebGUI before 7.3.4 beta allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles...

WebGUI < 6.7.6 arbitrary command execution

The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

WebGUI < 6.7.6 arbitrary command execution

The remote web server contains a CGI script that is prone to arbitrary code execution. Description : The remote host is running WebGUI, a content management system from Plain Black Software. The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the OpenVAS...

Design/Logic Flaw

Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account, when anonymous registration is disabled, via a certain URL...

CVE-2006-0680

Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account, when anonymous registration is disabled, via a certain URL...

CVE-2006-0680

CVE-2006-0680 affects WebGUI prior to version 6.8.6-gamma, allowing remote attackers to create an account via a specific URL when anonymous registration is disabled. The provided documents confirm the affected software and the vulnerability condition; no explicit fix/version is stated within the ...

CVE-2006-0680

Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account, when anonymous registration is disabled, via a certain URL...

WebGUI < 6.8.6 'Anonymous' Account Creation

Binary data 3427.prm...

[SA18819] WebGUI User Account Creation Vulnerability

TITLE: WebGUI User Account Creation Vulnerability SECUNIA ADVISORY ID: SA18819 VERIFY ADVISORY: http://secunia.com/advisories/18819/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: WebGUI 6.x http://secunia.com/product/4293/ DESCRIPTION: A vulnerability has been...

CVE-2005-4694

WebGUI

CVE-2005-4694

Unspecified vulnerability in the wwwadd method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions before 6.7.6 allows attackers to execute arbitrary code via unknown attack vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 gamma allows remote attackers to inject arbitrary Javascript via the 1 url and 2 name field of the default email form...

CVE-2006-0165

Cross-site scripting XSS vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 gamma allows remote attackers to inject arbitrary Javascript via the 1 url and 2 name field of the default email form...

CVE-2006-0165

CVE-2006-0165 affects Plain Black WebGUI (DataForm Entries) prior to version 6.8.4 (gamma). The vulnerability arises in the default email form’s url and name fields, enabling remote attackers to inject arbitrary Javascript (XSS). The provided sources confirm the affected product and vulnerable co...

[SA18372] WebGUI Form Module Script Insertion Vulnerability

TITLE: WebGUI Form Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA18372 VERIFY ADVISORY: http://secunia.com/advisories/18372/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: WebGUI 6.x http://secunia.com/product/4293/ DESCRIPTION: Hans Wolters has...

CVE-2005-4694

Unspecified vulnerability in the wwwadd method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions before 6.7.6 allows attackers to execute arbitrary code via unknown attack vectors...

WebGUI < 6.7.6 Asset.pm Asset Addition Arbitrary Code Execution

The remote host is running WebGUI, a content management system from Plain Black Software. The installed version of WebGUI on the remote host fails to sanitize user-supplied input via the 'class' variable to various sources before using it to run commands. By leveraging this flaw, an attacker may ...

[SA17158] WebGUI Unspecified Arbitrary Code Execution Vulnerability

TITLE: WebGUI Unspecified Arbitrary Code Execution Vulnerability SECUNIA ADVISORY ID: SA17158 VERIFY ADVISORY: http://secunia.com/advisories/17158/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: WebGUI 6.x http://secunia.com/product/4293/ DESCRIPTION: A vulnerability...

WebGUI < 6.7.6 Unspecified Code Execution

Binary data 3253.prm...