Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-13 | CVE-2021-21814 | Argument Injection or Modification vulnerability in ATT Xmill 0.7 Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. | 7.8 |
| 2021-08-11 | CVE-2021-3045 | Argument Injection or Modification vulnerability in Paloaltonetworks Pan-Os An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. | 4.9 |
| 2021-07-22 | CVE-2021-3540 | Argument Injection or Modification vulnerability in Ivanti Mobileiron 10.7.0.19/11.0.0.0 By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish shell on affected versions of Ivanti MobileIron Core. | 7.2 |
| 2021-07-21 | CVE-2021-34816 | Argument Injection or Modification vulnerability in Etherpad 1.8.13 An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source. | 7.2 |
| 2021-07-13 | CVE-2021-36122 | Argument Injection or Modification vulnerability in Echobh Sharecare 8.15.5 An issue was discovered in Echo ShareCare 8.15.5. | 8.8 |
| 2021-06-11 | CVE-2021-3256 | Argument Injection or Modification vulnerability in Kuaifan Kuaifancms 5.0 KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file. | 6.5 |
| 2021-05-29 | CVE-2021-33564 | Argument Injection or Modification vulnerability in Dragonfly Project Dragonfly An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. | 9.8 |
| 2021-05-22 | CVE-2021-1531 | Argument Injection or Modification vulnerability in Cisco Modeling Labs A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. | 8.8 |
| 2021-05-11 | CVE-2021-31909 | Argument Injection or Modification vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible. | 9.8 |
| 2021-04-27 | CVE-2021-29472 | Argument Injection or Modification vulnerability in multiple products Composer is a dependency manager for PHP. | 8.8 |