Isherlock 4.5
Approved changes feed: RSS · Atom
cpe:2.3:a:hgiga:isherlock_4.5:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Hgiga (3395f64f-c7c9-5c57-a478-cf9fa807fa6c) |
|---|---|
| Product | Isherlock 4.5 (5c9b25fa-a122-5f1a-b958-064884cf5ecf) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-3363 |
vulnerable | 2026-06-03 15:01:04.291770 |
HGiga iSherlock - OS Command Injection
CRITICAL (9.8)
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Published: 2025-04-08T02:11:48.241Z
Updated: 2025-04-08T14:19:12.551Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3362 |
vulnerable | 2026-06-03 15:01:04.291430 |
HGiga iSherlock - OS Command Injection
CRITICAL (9.8)
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Published: 2025-04-08T02:03:34.585Z
Updated: 2025-04-08T14:51:59.807Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3361 |
vulnerable | 2026-06-03 15:01:04.289589 |
HGiga iSherlock - OS Command Injection
CRITICAL (9.8)
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Published: 2025-04-08T02:00:12.620Z
Updated: 2025-04-08T15:59:50.067Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11900 |
vulnerable | 2026-06-03 14:58:43.446802 |
HGiga|iSherlock - OS Command Injection
CRITICAL (9.8)
The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
Published: 2025-10-17T03:50:44.524Z
Updated: 2025-10-17T14:25:15.078Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4299 |
vulnerable | 2026-06-03 14:57:15.154992 |
HGiga iSherlock - Command Injection
HIGH (7.2)
The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection attacks, enabling execution of arbitrary system commands.
Published: 2024-04-29T03:15:18.038Z
Updated: 2025-07-14T02:21:35.775Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4298 |
vulnerable | 2026-06-03 14:57:15.154423 |
HGiga iSherlock - Command Injection
HIGH (7.2)
The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability for Command Injection attacks, enabling execution of arbitrary system commands.
Published: 2024-04-29T02:39:04.580Z
Updated: 2025-07-14T02:19:23.281Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4297 |
vulnerable | 2026-06-03 14:57:15.152597 |
HGiga iSherlock - Arbitrary File Download
MEDIUM (4.9)
The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.
Published: 2024-04-29T02:28:24.526Z
Updated: 2025-07-14T02:17:55.601Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-4296 |
vulnerable | 2026-06-03 14:57:15.149521 |
HGiga iSherlock - Arbitrary File Download
MEDIUM (4.9)
The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.
Published: 2024-04-29T02:08:23.300Z
Updated: 2025-07-14T02:15:08.879Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37292 |
vulnerable | 2026-06-03 14:52:28.691759 |
HGiga iSherlock - Command Injection
CRITICAL (9.8)
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules) allows OS Command Injection.This issue affects iSherlock 4.5: before iSherlock-user-4.5-174; iSherlock 5.5: before iSherlock-user-5.5-174.
Published: 2023-07-21T04:08:55.811Z
Updated: 2024-10-24T14:30:28.102Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.