Vulnerabilities > Webgui > Webgui > 7.4.12
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-30 | CVE-2008-4798 | Code Injection vulnerability in Webgui The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 (stable) allows remote attackers to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL. | 9.3 |
2008-02-25 | CVE-2008-0940 | Cross-Site Scripting vulnerability in Webgui Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.4.24 allows remote attackers to inject arbitrary web script or HTML when creating a username, a different vulnerability than CVE-2007-0407. | 4.3 |