What the vulnerability does
01Description
HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages.
CVSS base score
7.0/10
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Key dates
02Disclosure timeline
December 31, 2020
CVE published
September 17, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-4966 itsourcecode Free Hotel Reservation System index.php sql injection
CVE-2025-30217 Frappe has possibility of SQL injection due to improper validations
CVE-2025-40731 SQL injection vulnerability in Daily Expense Manager
CVE-2025-67921 WordPress Lobo theme < 2.8.6 - SQL Injection vulnerability
CVE-2024-8950 SQLi in Arne Informatics' Piramit Automation
