Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

webgui webgui vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2014-5334
FreeNAS prior to 9.3-M3 has a blank admin password, which allows remote malicious users to gain root privileges by leveraging a WebGui login.
Freenas Freenas 9.3Freenas Freenas
10
CVSSv2
CVE-2008-2077
Unspecified vulnerability in Plain Black WebGUI 7.4.34 has unknown impact and attack vectors related to "data form list view."
Plain Black Webgui 7.4.34
9.3
CVSSv2
CVE-2008-4798
The loadModule function in lib/WebGUI/Asset.pm in WebGUI prior to 7.5.30 (stable) allows remote malicious users to execute arbitrary code by uploading a Perl module and accessing it via a crafted URL.
Webgui Webgui 7.4.13Webgui Webgui 7.4.14Webgui Webgui 7.4.7Webgui Webgui 7.4.8Webgui Webgui 7.4.20Webgui Webgui 7.4.21Webgui Webgui 7.1.3Webgui Webgui 7.0Webgui Webgui 7.0.7Webgui Webgui 7.0.8Webgui Webgui 7.3.2Webgui Webgui 7.3.3Webgui Webgui 7.3.10Webgui Webgui 7.3.11Webgui Webgui 7.3.18Webgui Webgui 7.3.19Webgui Webgui 7.3.20Webgui WebguiWebgui Webgui 7.4.2Webgui Webgui 7.4.5Webgui Webgui 7.4.23Webgui Webgui 7.4.17
9
CVSSv2
CVE-2021-38557
raspap-webgui in RaspAP 2.6.6 allows malicious users to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/h...
Raspap Raspap 2.6.6
9
CVSSv2
CVE-2018-16055
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense prior to 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the ...
Netgate Pfsense
7.5
CVSSv2
CVE-2012-3000
Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebGUI in F5 BIG-IP LTM, GTM, ASM, Link Controller, PSM, APM, Edge Gateway, and Analytics and (2) AVR WebGUI in WebAccelerator and WOM 11.2.x prior to 11.2.0-HF3 and 11.2.x prior to 11...
F5 Big-ip Webaccelerator 11.2.0F5 Big-ip Webaccelerator 11.2.1F5 Big-ip Webaccelerator 11.0.0F5 Big-ip Webaccelerator 11.1.0F5 Big-ip Global Traffic Manager 11.1.0F5 Big-ip Global Traffic Manager 11.0.0F5 Big-ip Global Traffic Manager 11.2.1F5 Big-ip Global Traffic Manager 11.2.0F5 Big-ip Local Traffic Manager 11.1.0F5 Big-ip Local Traffic Manager 11.0.0F5 Big-ip Local Traffic Manager 11.2.0F5 Big-ip Local Traffic Manager 11.2.1F5 Big-ip Protocol Security Module 11.0.0F5 Big-ip Protocol Security Module 11.1.0F5 Big-ip Protocol Security Module 11.2.0F5 Big-ip Protocol Security Module 11.2.1F5 Big-ip Wan Optimization Manager 11.0.0F5 Big-ip Wan Optimization Manager 11.2.0F5 Big-ip Wan Optimization Manager 11.2.1F5 Big-ip Wan Optimization Manager 11.1.0F5 Big-ip Link Controller 11.2.1F5 Big-ip Link Controller 11.1.0
7.5
CVSSv2
CVE-2008-6402
PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mod_dir parameter.
Muskatli Sofi Webgui 0.4.2Muskatli Sofi WebguiMuskatli Sofi Webgui 0.6.0preMuskatli Sofi Webgui 0.5.2
7.5
CVSSv2
CVE-2005-4694
Unspecified vulnerability in the www_add method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions prior to 6.7.6 allows malicious users to execute arbitrary code via unknown attack vectors.
7.5
CVSSv2
CVE-2005-2837
Multiple eval injection vulnerabilities in PlainBlack Software WebGUI prior to 6.7.3 allow remote malicious users to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.
Plainblack Webgui
6.8
CVSSv2
CVE-2015-4308
The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuu43968.
Cisco Edge Bluebird Operating System 1.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook