Vulnerabilities > Hgiga > Ssr45 Isherlock User > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-12-31 CVE-2020-35743 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a SQL injection flaw.
network
low complexity
hgiga CWE-89
6.5
6.5
2020-12-31 CVE-2020-35742 SQL Injection vulnerability in Hgiga products
HGiga MailSherlock contains a vulnerability of SQL Injection.
network
low complexity
hgiga CWE-89
6.5
6.5
2020-12-31 CVE-2020-35741 Cross-site Scripting vulnerability in Hgiga products
HGiga MailSherlock does not validate user parameters on multiple login pages.
network
hgiga CWE-79
4.3
4.3
2020-12-31 CVE-2020-35740 Cross-site Scripting vulnerability in Hgiga products
HGiga MailSherlock does not validate specific URL parameters properly that allows attackers to inject JavaScript syntax for XSS attacks.
network
hgiga CWE-79
4.3
4.3
2020-12-31 CVE-2020-25850 Unspecified vulnerability in Hgiga Msr45 Isherlock-User and Ssr45 Isherlock-User
The function, view the source code, of HGiga MailSherlock does not validate specific characters.
network
low complexity
hgiga
5.0
5.0