Vulnerabilities > Hgiga
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-37912 | OS Command Injection vulnerability in Hgiga Oaklouds Portal The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. | 10.0 |
| 2021-09-15 | CVE-2021-37913 | OS Command Injection vulnerability in Hgiga Oaklouds Portal The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. | 10.0 |
| 2021-03-18 | CVE-2021-22848 | SQL Injection vulnerability in Hgiga products HGiga MailSherlock contains a SQL Injection. | 7.5 |
| 2021-01-19 | CVE-2021-22852 | SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0 HGiga EIP product contains SQL Injection vulnerability. | 6.5 |
| 2021-01-19 | CVE-2021-22851 | SQL Injection vulnerability in Hgiga Oaklouds Openid 2.0/3.0 HGiga EIP product contains SQL Injection vulnerability. | 7.5 |
| 2021-01-19 | CVE-2021-22850 | Incorrect Permission Assignment for Critical Resource vulnerability in Hgiga Oaklouds Portal HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions. | 7.5 |
| 2020-12-31 | CVE-2020-35851 | OS Command Injection vulnerability in Hgiga Msr45 Isherlock-User and Ssr45 Isherlock-User HGiga MailSherlock does not validate specific parameters properly. | 10.0 |
| 2020-12-31 | CVE-2020-35743 | SQL Injection vulnerability in Hgiga products HGiga MailSherlock contains a SQL injection flaw. | 6.5 |
| 2020-12-31 | CVE-2020-35742 | SQL Injection vulnerability in Hgiga products HGiga MailSherlock contains a vulnerability of SQL Injection. | 6.5 |
| 2020-12-31 | CVE-2020-35741 | Cross-site Scripting vulnerability in Hgiga products HGiga MailSherlock does not validate user parameters on multiple login pages. | 4.3 |