Hgiga

Isherlock

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-11900

  • EPSS 0.66%
  • Veröffentlicht 17.10.2025 03:50:44
  • Zuletzt bearbeitet 21.10.2025 19:31:50

The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

9.8

CVE-2025-7451

  • EPSS 0.41%
  • Veröffentlicht 14.07.2025 02:35:39
  • Zuletzt bearbeitet 15.07.2025 13:14:24

The iSherlock developed by Hgiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. This vulnerability has already been exploited. Please update immedia...

9.8

CVE-2025-3363

  • EPSS 1.06%
  • Veröffentlicht 08.04.2025 02:15:21
  • Zuletzt bearbeitet 08.04.2025 18:13:53

The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

9.8

CVE-2025-3361

  • EPSS 1.06%
  • Veröffentlicht 08.04.2025 02:15:20
  • Zuletzt bearbeitet 08.04.2025 18:13:53

The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

9.8

CVE-2025-3362

  • EPSS 1.06%
  • Veröffentlicht 08.04.2025 02:15:20
  • Zuletzt bearbeitet 08.04.2025 18:13:53

The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

7.2

CVE-2024-4299

  • EPSS 2.13%
  • Veröffentlicht 29.04.2024 04:15:08
  • Zuletzt bearbeitet 26.01.2026 14:27:50

The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vul...

4.9

CVE-2024-4297

  • EPSS 0.13%
  • Veröffentlicht 29.04.2024 03:15:09
  • Zuletzt bearbeitet 26.01.2026 14:42:44

The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vu...

7.2

CVE-2024-4298

  • EPSS 2.78%
  • Veröffentlicht 29.04.2024 03:15:09
  • Zuletzt bearbeitet 26.01.2026 14:29:17

The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerabili...

4.9

CVE-2024-4296

  • EPSS 0.06%
  • Veröffentlicht 29.04.2024 02:15:06
  • Zuletzt bearbeitet 26.01.2026 14:46:45

The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vuln...

9.8

CVE-2023-37292

  • EPSS 0.34%
  • Veröffentlicht 21.07.2023 05:15:15
  • Zuletzt bearbeitet 21.11.2024 08:11:24

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules) allows OS Command Injection.This issue affects iShe...