Vulnerabilities > Hgiga
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-21 | CVE-2023-37292 | OS Command Injection vulnerability in Hgiga Isherlock Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules) allows OS Command Injection.This issue affects iSherlock 4.5: before iSherlock-user-4.5-174; iSherlock 5.5: before iSherlock-user-5.5-174. | 9.8 |
| 2023-03-27 | CVE-2023-24837 | OS Command Injection vulnerability in Hgiga Powerstation Firmware HGiga PowerStation remote management function has insufficient filtering for user input. | 8.8 |
| 2023-03-27 | CVE-2023-24838 | Information Exposure vulnerability in Hgiga Powerstation Firmware HGiga PowerStation has a vulnerability of Information Leakage. | 9.8 |
| 2023-03-27 | CVE-2023-24839 | Cross-site Scripting vulnerability in Hgiga Oaklouds Mailsherlock 4.5 HGiga MailSherlock’s specific function has insufficient filtering for user input. | 6.1 |
| 2023-03-27 | CVE-2023-24840 | SQL Injection vulnerability in Hgiga Oaklouds Mailsherlock 4.5 HGiga MailSherlock mail query function has vulnerability of insufficient validation for user input. | 7.2 |
| 2023-03-27 | CVE-2023-24841 | OS Command Injection vulnerability in Hgiga Oaklouds Mailsherlock 4.5 HGiga MailSherlock query function for connection log has a vulnerability of insufficient filtering for user input. | 7.2 |
| 2023-03-27 | CVE-2023-24842 | Authorization Bypass Through User-Controlled Key vulnerability in Hgiga Oaklouds Mailsherlock 4.5 HGiga MailSherlock has vulnerability of insufficient access control. | 5.3 |
| 2023-03-27 | CVE-2023-25909 | Unrestricted Upload of File with Dangerous Type vulnerability in Hgiga Oaklouds Portal 2.0/3.0 HGiga OAKlouds file uploading function does not restrict upload of file with dangerous type. | 9.8 |
| 2022-08-30 | CVE-2022-38118 | SQL Injection vulnerability in Hgiga Oaklouds Portal OAKlouds Portal website’s Meeting Room has insufficient validation for user input. | 8.8 |
| 2021-09-15 | CVE-2021-37912 | OS Command Injection vulnerability in Hgiga Oaklouds Portal 2.0/3.0 The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. | 9.8 |