Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-26 | CVE-2019-9059 | Command Injection vulnerability in Cmsmadesimple CMS Made Simple An issue was discovered in CMS Made Simple 2.2.8. | 7.2 |
| 2019-03-25 | CVE-2019-7610 | Command Injection vulnerability in Elastic Kibana Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. | 9.0 |
| 2019-03-21 | CVE-2019-7537 | Command Injection vulnerability in Pytroll Donfig 0.3.0 An issue was discovered in Donfig 0.3.0. | 9.8 |
| 2019-03-21 | CVE-2018-3963 | Command Injection vulnerability in Getcujo Smart Firewall 7003 An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall. | 8.0 |
| 2019-03-21 | CVE-2019-6275 | Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27 Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. | 8.8 |
| 2019-03-21 | CVE-2019-6272 | Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27 Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. | 8.8 |
| 2019-03-21 | CVE-2019-5413 | Command Injection vulnerability in Morgan Project Morgan An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. | 9.8 |
| 2019-03-08 | CVE-2018-20236 | Command Injection vulnerability in Atlassian Sourcetree There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. | 8.8 |
| 2019-03-05 | CVE-2019-3920 | Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/. | 8.8 |
| 2019-03-05 | CVE-2019-3919 | Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19 The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/. | 8.8 |