Vulnerabilities > Hgiga > Msr45 Isherlock User > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-18 CVE-2021-22848 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a SQL Injection.
network
low complexity
hgiga CWE-89
critical
 9.8
9.8
2020-12-31 CVE-2020-25848 Improper Authentication vulnerability in Hgiga products
HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism.
network
low complexity
hgiga CWE-287
critical
 9.8
9.8
2020-12-31 CVE-2020-35851 OS Command Injection vulnerability in Hgiga Msr45 Isherlock-User and Ssr45 Isherlock-User
HGiga MailSherlock does not validate specific parameters properly.
network
low complexity
hgiga CWE-78
critical
 9.8
9.8