Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
command injection vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-16104
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this...
Gallagher Command Centre
Gallagher Command Centre 8.00.1228
Gallagher Command Centre 8.10.1211
Gallagher Command Centre 8.20.1166
Gallagher Command Centre 8.30.1236
6.5
CVSSv2
CVE-2015-7999
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Citrix Command Center 5.1
Citrix Command Center 5.2
5
CVSSv2
CVE-2018-1280
Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents....
Pivotal Software Greenplum Command Center
7.5
CVSSv2
CVE-2014-1636
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4)...
Doug Poulin Command School Student Management System 1.06.01
12 EDB exploits available
4.6
CVSSv2
CVE-2017-1000159
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91....
Gnome Evince
10
CVSSv2
CVE-2017-1000469
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user....
Cobbler Project Cobbler
7.5
CVSSv2
CVE-2017-1000487
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings....
Plexus-utils Project Plexus-utils
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 Github repository available
9
CVSSv2
CVE-2020-29017
FortiDeceptor is impacted by an OS command injection vulnerability. An OS command injection vulnerability in FortiDeceptor may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization...
Fortinet Fortideceptor 3.0.0
Fortinet Fortideceptor 3.0.1
Fortinet Fortideceptor 3.1.0
10
CVSSv2
CVE-2019-12929
** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been...
Qemu Qemu
6.8
CVSSv2
CVE-2017-5078
Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example,...
Google Chrome
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-21985
SQL
CVE-2021-3560
CVE-2020-12917
CVE-2020-12919
client side
CVE-2020-12909
CVE-2020-12935
injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon