3 matches found
CVE-2005-2837
CVE-2005-2837 affects Plain Black Software WebGUI prior to 6.7.3. Multiple eval injection flaws in the modules Help.pm, International.pm, and WebGUI.pm allow remote attackers to execute arbitrary Perl code. This is a remote code execution risk on WebGUI installations exposed to an attacker; explo...
CVE-2009-4877
CVE-2009-4877 describes multiple CSRF weaknesses in WebGUI prior to version 7.7.14 that enable remote attackers to hijack user authentication for unspecified requests via unknown vectors. The affected product is WebGUI (before 7.7.14); the vulnerability’s exact exploit method, affected components...
CVE-2015-1564
CVE-2015-1564 affects Plain Black WebGUI 7.10.29 and earlier, via the style-underground/search component. The vulnerability is a cross-site scripting (XSS) flaw that lets remote attackers inject arbitrary web script or HTML through the Search field. No remediation details are provided in the conn...