← Back

Webgui

webgui

Vendor: Webgui • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2008-4798
1Webgui
1Webgui
Apr 23, 2026
Oct 30, 2008
N/A· v4
N/A· v3
9.3 HIGH· v2
The loadModule function in lib/WebGUI/Asset.pm in WebGUI before 7.5.30 (stable) allows remote attackers to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL.
CVE-2008-0940
1Webgui
1Webgui
Apr 23, 2026
Feb 25, 2008
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.4.24 allows remote attackers to inject arbitrary web script or HTML when creating a username, a different vulnerability than CVE-2007-0407.