Fallos del tipo CWE-78
3885 resultadosCVE-2022-48598HIGHA SQL injection vulnerability exists in the “reporter events type date” feature of the ScienceLogic SL1 that takes unsanitized user‐controllEPSS 0.6%CVE-2022-48592HIGHA SQL injection vulnerability exists in the vendor_country parameter of the “vendor print report” feature of the ScienceLogic SL1 that takesEPSS 0.6%CVE-2022-48589HIGHA SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled inEPSS 0.6%CVE-2022-48602HIGHA SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled inEPSS 0.6%CVE-2024-32118MEDIUMMultiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet ForEPSS 0.6%CVE-2022-48601HIGHA SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled inEPSS 0.6%CVE-2022-48591HIGHA SQL injection vulnerability exists in the vendor_state parameter of the “vendor print report” feature of the ScienceLogic SL1 that takes uEPSS 0.6%CVE-2022-48585HIGHA SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled inpuEPSS 0.6%CVE-2022-48587HIGHA SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input aEPSS 0.6%CVE-2022-48600HIGHA SQL injection vulnerability exists in the “notes view” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled input and paEPSS 0.6%CVE-2022-48590HIGHA SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLogic SL1 that takes unsanitized user‐contrEPSS 0.6%CVE-2022-48596HIGHA SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled iEPSS 0.6%CVE-2022-48599HIGHA SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled inEPSS 0.6%CVE-2022-48597HIGHA SQL injection vulnerability exists in the “ticket event report” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled inpEPSS 0.6%CVE-2022-48594HIGHA SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 that takes unsanitized user‐controlled iEPSS 0.6%CVE-2026-33414MEDIUMPowerShell Command Injection in Podman HyperV MachineEPSS 0.6%CVE-2024-45720HIGHApache Subversion: Command line argument injection on Windows platformsEPSS 0.6%CVE-2022-42433MEDIUMThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N TL-WR841N(US)_EPSS 0.6%CVE-2026-42846CRITICALClipBucket: Remote Play URL Command InjectionEPSS 0.6%CVE-2023-37249—Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.EPSS 0.6%