Vulnerabilities > Argument Injection or Modification

DATE CVE VULNERABILITY TITLE RISK
2023-04-04 CVE-2023-25356 Argument Injection or Modification vulnerability in Coredial Sipxcom
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command.
network
low complexity
coredial CWE-88
8.8
2023-02-16 CVE-2022-40677 Argument Injection or Modification vulnerability in Fortinet Fortinac
A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized code or commands via specially crafted input parameters.
network
low complexity
fortinet CWE-88
8.8
2022-12-22 CVE-2022-47926 Argument Injection or Modification vulnerability in Ayacms Project Ayacms 3.1.2
AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php
network
low complexity
ayacms-project CWE-88
critical
9.8
2022-11-23 CVE-2022-23740 Argument Injection or Modification vulnerability in Github Enterprise Server 3.7.0
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was identified in GitHub Enterprise Server that enabled remote code execution.
network
low complexity
github CWE-88
8.8
2022-11-09 CVE-2022-45062 Argument Injection or Modification vulnerability in multiple products
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
network
low complexity
xfce debian fedoraproject CWE-88
critical
9.8
2022-10-24 CVE-2021-46850 Argument Injection or Modification vulnerability in Vestacp Control Panel and Vesta Control Panel
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection.
network
low complexity
vestacp CWE-88
7.2
2022-10-16 CVE-2022-42968 Argument Injection or Modification vulnerability in Gitea
Gitea before 1.17.3 does not sanitize and escape refs in the git backend.
network
low complexity
gitea CWE-88
critical
9.8
2022-10-11 CVE-2022-3140 Argument Injection or Modification vulnerability in multiple products
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server.
network
low complexity
libreoffice debian fedoraproject CWE-88
6.3
2022-09-21 CVE-2022-37027 Argument Injection or Modification vulnerability in Ahsay Cloud Backup Suite 9.1.4.0
Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options.
network
low complexity
ahsay CWE-88
7.2
2022-09-07 CVE-2022-36069 Argument Injection or Modification vulnerability in Python-Poetry Poetry
Poetry is a dependency manager for Python.
local
low complexity
python-poetry CWE-88
7.3