VYPR

iSherlock

by Hgiga

CVEs (10)

  • CVE-2025-11900CriOct 17, 2025
    risk 0.64cvss 9.8epss 0.02

    The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-7451CriJul 14, 2025
    risk 0.64cvss 9.8epss 0.01

    The iSherlock developed by Hgiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. This vulnerability has already been exploited. Please update immediately.

  • CVE-2025-3363CriApr 8, 2025
    risk 0.64cvss 9.8epss 0.01

    The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-3362CriApr 8, 2025
    risk 0.64cvss 9.8epss 0.01

    The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-3361CriApr 8, 2025
    risk 0.64cvss 9.8epss 0.01

    The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2023-37292CriJul 21, 2023
    risk 0.64cvss 9.8epss 0.01

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules) allows OS Command Injection.This issue affects iSherlock 4.5: before…

  • CVE-2024-4299HigApr 29, 2024
    risk 0.47cvss 7.2epss 0.02

    The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command…

  • CVE-2024-4298HigApr 29, 2024
    risk 0.47cvss 7.2epss 0.02

    The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection…

  • CVE-2024-4297MedApr 29, 2024
    risk 0.32cvss 4.9epss 0.01

    The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download…

  • CVE-2024-4296MedApr 29, 2024
    risk 0.32cvss 4.9epss 0.01

    The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download…