Vulnerabilities > Improper Neutralization of Special Elements used in a Command ('Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2024-22197 | Command Injection vulnerability in Nginxui Nginx UI Nginx-ui is online statistics for Server Indicators?? Monitor CPU usage, memory usage, load average, and disk usage in real-time. | 8.8 |
| 2024-01-11 | CVE-2023-52027 | Command Injection vulnerability in Totolink A3700R Firmware 9.1.2U.5822B20200513 TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the NTPSyncWithHost function. | 9.8 |
| 2024-01-11 | CVE-2023-6634 | Command Injection vulnerability in Thimpress Learnpress The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. | 9.8 |
| 2024-01-10 | CVE-2023-51126 | Command Injection vulnerability in Flir AX8 Firmware Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. | 9.8 |
| 2024-01-10 | CVE-2023-51972 | Command Injection vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp. | 9.8 |
| 2024-01-09 | CVE-2023-49237 | Command Injection vulnerability in Trendnet Tv-Ip1314Pi Firmware 5.5.3 An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. | 9.8 |
| 2024-01-09 | CVE-2024-21663 | Command Injection vulnerability in Demon1A Discord-Recon Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. | 8.8 |
| 2024-01-08 | CVE-2024-0291 | Command Injection vulnerability in Totolink Lr1200Gb Firmware 9.1.0U.6619B20230130 A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. | 8.8 |
| 2024-01-05 | CVE-2023-47560 | Command Injection vulnerability in Qnap Qumagie 2.2.0 An OS command injection vulnerability has been reported to affect QuMagie. | 8.8 |
| 2023-12-29 | CVE-2023-52137 | Command Injection vulnerability in Tj-Actions Verify-Changed-Files The [`tj-actions/verify-changed-files`](https://github.com/tj-actions/verify-changed-files) action allows for command injection in changed filenames, allowing an attacker to execute arbitrary code and potentially leak secrets. | 8.8 |