Detections
Analytics

WebGUI user profile Unspecified Vulnerability

high Nessus Plugin ID 15787

Language:

Synopsis

The remote web server contains a CGI script that has an unspecified remote flaw.

Description

The remote host is running WebGUI, a content management system from Plain Black Software.

According to its banner, the version of this software on the remote is earlier than 6.2.9 and thus affected by an undisclosed remote vulnerability related to the 'user profile' feature.

Solution

Upgrade to WebGUI 6.2.9 or newer.

See Also

http://sourceforge.net/project/shownotes.php?release_id=284011

Plugin Details

Severity: High

ID: 15787

File Name: webgui_unspecified_vuln.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 11/22/2004

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/19/2004

Reference Information

BID: 11727