Vulnerabilities > Hgiga

DATE CVE VULNERABILITY TITLE RISK
2023-07-21 CVE-2023-37292 OS Command Injection vulnerability in Hgiga Isherlock
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules) allows OS Command Injection.This issue affects iSherlock 4.5: before iSherlock-user-4.5-174; iSherlock 5.5: before iSherlock-user-5.5-174.
network
low complexity
hgiga CWE-78
critical
 9.8
9.8
2023-03-27 CVE-2023-24838 Information Exposure vulnerability in Hgiga Powerstation Firmware
HGiga PowerStation has a vulnerability of Information Leakage.
network
low complexity
hgiga CWE-200
critical
 9.8
9.8
2022-08-30 CVE-2022-38118 SQL Injection vulnerability in Hgiga Oaklouds Portal
OAKlouds Portal website’s Meeting Room has insufficient validation for user input.
network
low complexity
hgiga CWE-89
8.8
8.8
2021-09-15 CVE-2021-37912 OS Command Injection vulnerability in Hgiga Oaklouds Portal
The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page.
network
low complexity
hgiga CWE-78
critical
 10.0
10
2021-09-15 CVE-2021-37913 OS Command Injection vulnerability in Hgiga Oaklouds Portal
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page.
network
low complexity
hgiga CWE-78
critical
 10.0
10
2021-03-18 CVE-2021-22848 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a SQL Injection.
network
low complexity
hgiga CWE-89
7.5
7.5
2021-01-19 CVE-2021-22852 SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0
HGiga EIP product contains SQL Injection vulnerability.
network
low complexity
hgiga CWE-89
6.5
6.5
2021-01-19 CVE-2021-22851 SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0
HGiga EIP product contains SQL Injection vulnerability.
network
low complexity
hgiga CWE-89
7.5
7.5
2021-01-19 CVE-2021-22850 Missing Authentication for Critical Function vulnerability in Hgiga Oaklouds Portal
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.
network
low complexity
hgiga CWE-306
critical
 9.8
9.8
2020-12-31 CVE-2020-35851 OS Command Injection vulnerability in Hgiga Msr45 Isherlock-User and Ssr45 Isherlock-User
HGiga MailSherlock does not validate specific parameters properly.
network
low complexity
hgiga CWE-78
critical
 10.0
10