Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-06 | CVE-2019-10891 | OS Command Injection vulnerability in Dlink Dir-806 Firmware An issue was discovered in D-Link DIR-806 devices. | 10.0 |
| 2019-09-05 | CVE-2019-15029 | OS Command Injection vulnerability in Fusionpbx 4.4.8 FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). | 9.0 |
| 2019-09-05 | CVE-2019-15949 | OS Command Injection vulnerability in Nagios XI Nagios XI before 5.6.6 allows remote command execution as root. | 9.0 |
| 2019-09-03 | CVE-2019-5475 | OS Command Injection vulnerability in Sonatype Nexus Repository Manager The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability. | 9.0 |
| 2019-08-29 | CVE-2019-11364 | OS Command Injection vulnerability in Prophecyinternational Snare Central An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter. | 9.0 |
| 2019-08-27 | CVE-2019-15701 | OS Command Injection vulnerability in Bloodhound Project Bloodhound 2.2.0 components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote attackers to execute arbitrary OS commands (by spawning a child process as the current user on the victim's machine) when the search function's autocomplete feature is used. | 6.8 |
| 2019-08-26 | CVE-2019-15503 | OS Command Injection vulnerability in Altavoz Prontuscms 11.2.101/12.0.3.0 cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0 has "Improper Neutralization of Special Elements used in an OS Command," allowing attackers to execute OS commands via an HTTP GET parameter. | 10.0 |
| 2019-08-23 | CVE-2019-15530 | OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05 An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. | 9.0 |
| 2019-08-23 | CVE-2019-15529 | OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05 An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. | 9.0 |
| 2019-08-23 | CVE-2019-15528 | OS Command Injection vulnerability in Dlink Dir-823G Firmware 1.0.2B05 An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. | 9.0 |