Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-06 | CVE-2018-19908 | OS Command Injection vulnerability in Misp An issue was discovered in MISP 2.4.9x before 2.4.99. | 8.8 |
| 2018-12-06 | CVE-2018-19907 | OS Command Injection vulnerability in Craftercms Crafter CMS A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. | 8.8 |
| 2018-12-04 | CVE-2018-12317 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in group.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root by modifying the "name" POST parameter. | 8.8 |
| 2018-12-04 | CVE-2018-12316 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS Command Injection in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands by modifying the filename POST parameter. | 8.8 |
| 2018-12-04 | CVE-2018-12313 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands without authentication via the "rocommunity" URL parameter. | 9.8 |
| 2018-12-04 | CVE-2018-12312 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "secret_key" URL parameter. | 8.8 |
| 2018-12-04 | CVE-2018-12307 | OS Command Injection vulnerability in Asustor Data Master 3.1.1 OS command injection in user.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands as root via the "name" POST parameter. | 8.8 |
| 2018-12-03 | CVE-2018-4021 | OS Command Injection vulnerability in Netgate Pfsense 2.4.4 An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. | 7.2 |
| 2018-12-03 | CVE-2018-4020 | OS Command Injection vulnerability in Netgate Pfsense 2.4.4 An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. | 7.2 |
| 2018-12-03 | CVE-2018-4019 | OS Command Injection vulnerability in Netgate Pfsense 2.4.4 An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. | 7.2 |