Vulmon
command injection vulnerabilities and exploits
4.3
CVSSv3
CVE-2021-23230
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged Command Centre Operator to modify Command Centre databases undetected. This issue affects: Gallagher Command Centre 8.40 versions before 8.40.1888 (MR3); 8.30 versions be...
Gallagher Command Centre
Gallagher Command Centre 8.10.1284
Gallagher Command Centre 8.20.1259
Gallagher Command Centre 8.30.1359
Gallagher Command Centre 8.40.1888
7.2
CVSSv3
CVE-2020-16104
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third party database if EDI is configured to import data from this database....
Gallagher Command Centre
Gallagher Command Centre 8.00.1228
Gallagher Command Centre 8.10.1211
Gallagher Command Centre 8.20.1166
Gallagher Command Centre 8.30.1236
8.1
CVSSv3
CVE-2015-7999
Multiple SQL injection vulnerabilities in the Administration Web UI servlets in Citrix Command Center prior to 5.1 Build 36.7 and 5.2 before Build 44.11 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Citrix Command Center 5.1
Citrix Command Center 5.2
NA
CVE-2014-1636
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote malicious users to execute arbitrary SQL commands via the id parameter in an edit action to (1) admin_school_names.php, (2) admin_subjects.php, (3) admin_grades.php, (4) admin_...
Doug Poulin Command School Student Management System 1.06.01
12 EDB exploits
7.5
CVSSv3
CVE-2018-1280
Pivotal Greenplum Command Center versions 2.x before 2.5.1 contain a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.
Pivotal Software Greenplum Command Center
5.5
CVSSv3
CVE-2022-26348
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has ...
Gallagher Command Centre
7.2
CVSSv3
CVE-2022-20851
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote malicious user to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability b...
Cisco Ios Xe 17.6.1
8.8
CVSSv3
CVE-2020-3224
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be exe...
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1y
8.8
CVSSv3
CVE-2019-12650
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details se...
Cisco Ios 16.11.1
Cisco Ios Xe 16.6.5
Cisco Ios Xe 17.1.1
8.8
CVSSv3
CVE-2019-12651
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details se...
Cisco Ios 16.11.1
Cisco Cloud Services Router 1000v Firmware 17.1.1
Cisco Integrated Services Virtual Router Firmware 16.6.5