Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-24 | CVE-2019-11217 | Command Injection vulnerability in Bonobogitserver Bonobo GIT Server The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows execution of arbitrary commands in the context of the web server via a crafted http request. | 9.8 |
| 2019-04-23 | CVE-2019-11076 | Command Injection vulnerability in Cribl 1.5.0 Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request. | 9.8 |
| 2019-03-26 | CVE-2019-9743 | Command Injection vulnerability in Phoenixcontact products An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices. | 8.8 |
| 2019-03-26 | CVE-2019-9059 | Command Injection vulnerability in Cmsmadesimple CMS Made Simple An issue was discovered in CMS Made Simple 2.2.8. | 7.2 |
| 2019-03-25 | CVE-2019-7610 | Command Injection vulnerability in Elastic Kibana Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit logger. | 9.0 |
| 2019-03-21 | CVE-2019-7537 | Command Injection vulnerability in Pytroll Donfig 0.3.0 An issue was discovered in Donfig 0.3.0. | 9.8 |
| 2019-03-21 | CVE-2018-3963 | Command Injection vulnerability in Getcujo Smart Firewall 7003 An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall. | 8.0 |
| 2019-03-21 | CVE-2019-6275 | Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27 Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. | 8.8 |
| 2019-03-21 | CVE-2019-6272 | Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27 Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code. | 8.8 |
| 2019-03-21 | CVE-2019-5413 | Command Injection vulnerability in Morgan Project Morgan An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. | 9.8 |