Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2025-04-19	CVE-2025-3816	A vulnerability classified as critical was found in westboy CicadasCMS 2.0. network low complexity CWE-77	4.7
2025-03-31	CVE-2025-2983	A vulnerability has been found in Legrand SMS PowerView 1.x and classified as critical. low complexity CWE-77	5.5
2025-03-25	CVE-2025-2733	A vulnerability classified as critical has been found in mannaandpoem OpenManus up to 2025.3.13. network low complexity CWE-77	6.3
2025-03-24	CVE-2025-2701	A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. network low complexity CWE-77	6.3
2025-03-21	CVE-2025-25274	Command Injection vulnerability in Mattermost Server Mattermost versions 10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8 fail to restrict command execution in archived channels, which allows authenticated users to run commands in archived channels. network low complexity mattermost CWE-77	8.8
2025-03-17	CVE-2025-2367	A vulnerability has been found in Oiwtech OIW-2431APGN-HP 2.5.3-B20131128 and classified as critical. network low complexity CWE-77	6.3
2025-03-11	CVE-2025-24049	Improper neutralization of special elements used in a command ('command injection') in Azure Command Line Integration (CLI) allows an unauthorized attacker to elevate privileges locally. local low complexity CWE-77	8.4
2025-03-11	CVE-2025-26627	Improper neutralization of special elements used in a command ('command injection') in Azure Arc allows an authorized attacker to elevate privileges locally. local high complexity CWE-77	7.0
2025-03-10	CVE-2025-1497	Command Injection vulnerability in Mljar Plotai A vulnerability, that could result in Remote Code Execution (RCE), has been found in PlotAI. network low complexity mljar CWE-77 critical	9.8
2025-03-02	CVE-2025-1819	A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. network low complexity CWE-77	6.3