Vulnerabilities > Hgiga

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2021-37912 OS Command Injection vulnerability in Hgiga Oaklouds Portal
The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page.
network
low complexity
hgiga CWE-78
critical
10.0
2021-09-15 CVE-2021-37913 OS Command Injection vulnerability in Hgiga Oaklouds Portal
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page.
network
low complexity
hgiga CWE-78
critical
10.0
2021-03-18 CVE-2021-22848 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a SQL Injection.
network
low complexity
hgiga CWE-89
7.5
2021-01-19 CVE-2021-22852 SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0
HGiga EIP product contains SQL Injection vulnerability.
network
low complexity
hgiga CWE-89
6.5
2021-01-19 CVE-2021-22851 SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0
HGiga EIP product contains SQL Injection vulnerability.
network
low complexity
hgiga CWE-89
7.5
2021-01-19 CVE-2021-22850 Incorrect Permission Assignment for Critical Resource vulnerability in Hgiga Oaklouds Portal
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.
network
low complexity
hgiga CWE-732
7.5
2020-12-31 CVE-2020-35851 OS Command Injection vulnerability in Hgiga Msr45 Isherlock-User and Ssr45 Isherlock-User
HGiga MailSherlock does not validate specific parameters properly.
network
low complexity
hgiga CWE-78
critical
10.0
2020-12-31 CVE-2020-35743 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a SQL injection flaw.
network
low complexity
hgiga CWE-89
6.5
2020-12-31 CVE-2020-35742 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a vulnerability of SQL Injection.
network
low complexity
hgiga CWE-89
6.5
2020-12-31 CVE-2020-35741 Cross-site Scripting vulnerability in Hgiga products
HGiga MailSherlock does not validate user parameters on multiple login pages.
network
hgiga CWE-79
4.3