Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

command injection vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2021-23230
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions...
Gallagher Command CentreGallagher Command Centre 8.10.1284Gallagher Command Centre 8.20.1259Gallagher Command Centre 8.30.1359Gallagher Command Centre 8.40.1888
NA
CVE-2020-16104
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this...
Gallagher Command CentreGallagher Command Centre 8.00.1228Gallagher Command Centre 8.10.1211Gallagher Command Centre 8.20.1166Gallagher Command Centre 8.30.1236
578
VMScore
CVE-2015-7999
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center before 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors....
Citrix Command Center 5.1Citrix Command Center 5.2
NA
CVE-2022-26348
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has...
Gallagher Command Centre
445
VMScore
CVE-2018-1280
Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents....
Pivotal Software Greenplum Command Center
810
VMScore
CVE-2014-1636
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4)...
Doug Poulin Command School Student Management System 1.06.01
NA
CVE-2022-26945
go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0....
Hashicorp Go-getter 2.0.2Hashicorp Go-getter
NA
CVE-2020-29017
An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page....
Fortinet Fortideceptor 3.0.0Fortinet Fortideceptor 3.0.1Fortinet Fortideceptor 3.1.0
NA
CVE-2022-25648
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The...
Git Git
NA
CVE-2022-0841
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4....
Npm-lockfile Project Npm-lockfile 2.0.3Npm-lockfile Project Npm-lockfile 2.0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-3236CVE-2022-32781CVE-2022-32826IDORopen redirectCVE-2022-32849CVE-2022-26134CVE-2022-40667unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook