CVE-2005-2837

Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.
References
Link Resource
http://www.plainblack.com/getwebgui/advisories/security-exploit-found-in-6.x-versions Broken Link Patch Vendor Advisory
http://www.securityfocus.com/bid/14732 Broken Link Patch Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:plainblack:webgui:*:*:*:*:*:*:*:*

History

14 Feb 2024, 16:53

Type Values Removed Values Added
References (CONFIRM) http://www.plainblack.com/getwebgui/advisories/security-exploit-found-in-6.x-versions - Patch, Vendor Advisory (CONFIRM) http://www.plainblack.com/getwebgui/advisories/security-exploit-found-in-6.x-versions - Broken Link, Patch, Vendor Advisory
References (BID) http://www.securityfocus.com/bid/14732 - Patch (BID) http://www.securityfocus.com/bid/14732 - Broken Link, Patch, Third Party Advisory, VDB Entry
CWE NVD-CWE-Other CWE-94
First Time Plainblack
Plainblack webgui
CPE cpe:2.3:a:plain_black:webgui:6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.6.0:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.7.2:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.5:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.7.0:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.7.1:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.7:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.6:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.4:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.9:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.2.8:*:*:*:*:*:*:*
cpe:2.3:a:plain_black:webgui:6.5.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:plainblack:webgui:*:*:*:*:*:*:*:*

Information

Published : 2005-09-07 20:03

Updated : 2024-02-28 10:42


NVD link : CVE-2005-2837

Mitre link : CVE-2005-2837

CVE.ORG link : CVE-2005-2837


JSON object : View

Products Affected

plainblack

  • webgui
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')