CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
4,606 active CVEs are classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-74 (page 2 of 93)
- CVE-2014-5084 (HIGH, CVSS 8.8, EG 8.8, 2020-02-10)
A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but …
- CVE-2014-5085 (HIGH, CVSS 8.8, EG 8.8, 2020-02-10)
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider P…
- CVE-2014-5086 (HIGH, CVSS 8.8, EG 8.8, 2020-02-10)
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fw…
- CVE-2014-5287 (HIGH, CVSS 8.8, EG 8.8, 2020-01-08)
A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure to sanitize input in the Web User Interface (WUI).
- CVE-2014-7236 (CRITICAL, CVSS 9.1, EG 9.1, 2020-02-17)
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.
- CVE-2014-7287 (NONE, CVSS 0.0, EG 0.0, 2015-02-01)
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-m…
- CVE-2014-7844 (HIGH, CVSS 7.8, EG 7.8, 2020-01-14)
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
- CVE-2014-7952 (HIGH, CVSS 7.8, EG 7.8, 2018-01-12)
The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.
- CVE-2014-8423 (NONE, CVSS 0.0, EG 0.0, 2014-11-28)
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
- CVE-2015-0931 (NONE, CVSS 0.0, EG 0.0, 2015-02-14)
Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon XSLT parser is used, allows remote attackers to execute arbitrary code via a crafted XSLT document, related to a "resource injection" issue.
- CVE-2015-10027 (MEDIUM, CVSS 5.5, EG 9.8, 2023-01-07)
A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to…
- CVE-2015-10040 (MEDIUM, CVSS 5.4, EG 6.5, 2023-01-13)
A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injecti…
- CVE-2015-10062 (MEDIUM, CVSS 5.5, EG 9.8, 2023-01-17)
A vulnerability, which was classified as problematic, was found in galaxy-data-resource up to 14.10.0. This affects an unknown part of the component Command Line Template. The manipulation leads to injection. Upgrading to version 14.10.1 i…
- CVE-2015-1169 (NONE, CVSS 0.0, EG 0.0, 2015-02-10)
Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication.
- CVE-2015-1592 (NONE, CVSS 0.0, EG 0.0, 2015-02-19)
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and p…
- CVE-2015-1975 (HIGH, CVSS 7.8, EG 7.8, 2018-04-03)
The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows loca…
- CVE-2015-3154 (MEDIUM, CVSS 6.1, EG 6.1, 2020-01-27)
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF …
- CVE-2015-5377 (CRITICAL, CVSS 9.8, EG 9.8, 2018-03-06)
Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability.
- CVE-2015-5462 (MEDIUM, CVSS 6.1, EG 6.1, 2019-04-03)
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.
- CVE-2016-10498 (CRITICAL, CVSS 9.8, EG 9.8, 2018-04-18)
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 6…
- CVE-2016-10761 (MEDIUM, CVSS 6.5, EG 6.5, 2019-06-29)
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.
- CVE-2016-10801 (HIGH, CVSS 8.8, EG 8.8, 2019-08-07)
cPanel before 58.0.4 has improper session handling for shared users (SEC-139).
- CVE-2016-10845 (HIGH, CVSS 8.1, EG 8.1, 2019-08-01)
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78).
- CVE-2016-10847 (HIGH, CVSS 8.1, EG 8.1, 2019-08-01)
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80).
- CVE-2016-11068 (MEDIUM, CVSS 5.3, EG 5.3, 2020-06-19)
An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.
- CVE-2016-15004 (HIGH, CVSS 7.3, EG 9.8, 2022-07-23)
A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The attack can be launched remotely. Up…
- CVE-2016-15007 (MEDIUM, CVSS 5.5, EG 9.8, 2023-01-02)
A vulnerability was found in Centralized-Salesforce-Dev-Framework. It has been declared as problematic. Affected by this vulnerability is the function SObjectService of the file src/classes/SObjectService.cls of the component SOQL Handler.…
- CVE-2016-8899 (CRITICAL, CVSS 9.8, EG 9.8, 2019-05-23)
Exponent CMS version 2.3.9 suffers from an Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats.
- CVE-2016-8900 (CRITICAL, CVSS 9.8, EG 9.8, 2019-05-24)
Exponent CMS version 2.3.9 suffers from an Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags.
- CVE-2016-8901 (CRITICAL, CVSS 9.8, EG 9.8, 2019-05-23)
b2evolution 6.7.6 suffers from an Object Injection vulnerability in /htsrv/call_plugin.php.
- CVE-2017-0372 (CRITICAL, CVSS 9.8, EG 9.8, 2018-04-13)
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.
- CVE-2017-1000453 (CRITICAL, CVSS 9.8, EG 9.8, 2018-01-02)
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.
- CVE-2017-1000454 (HIGH, CVSS 7.8, EG 7.8, 2018-01-02)
CMS Made Simple 2.1.6, 2.2, and 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1.
- CVE-2017-1000493 (CRITICAL, CVSS 9.8, EG 9.8, 2018-01-03)
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover.
- CVE-2017-10963 (MEDIUM, CVSS 5.9, EG 5.9, 2018-02-20)
In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspe…
- CVE-2017-1115 (MEDIUM, CVSS 5.4, EG 5.4, 2018-09-07)
IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Fo…
- CVE-2017-1202 (MEDIUM, CVSS 5.4, EG 5.4, 2019-02-05)
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context…
- CVE-2017-14094 (CRITICAL, CVSS 9.8, EG 9.8, 2018-01-19)
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a cron job injection on a vulnerable system.
- CVE-2017-14523 (HIGH, CVSS 7.5, EG 7.5, 2018-01-26)
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the …
- CVE-2017-15714 (CRITICAL, CVSS 9.8, EG 9.8, 2018-01-04)
The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the…
- CVE-2017-16043 (MEDIUM, CVSS 6.1, EG 6.1, 2018-06-04)
Shout is an IRC client. Because the `/topic` command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3.
- CVE-2017-18049 (MEDIUM, CVSS 5.5, EG 5.5, 2018-01-23)
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software (incl…
- CVE-2017-18266 (HIGH, CVSS 8.8, EG 8.8, 2018-05-10)
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks v…
- CVE-2017-18386 (HIGH, CVSS 7.2, EG 7.2, 2019-08-02)
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313).
- CVE-2017-18387 (HIGH, CVSS 7.2, EG 7.2, 2019-08-02)
cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314).
- CVE-2017-18389 (MEDIUM, CVSS 6.3, EG 6.3, 2019-08-02)
cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).
- CVE-2017-18437 (MEDIUM, CVSS 4.4, EG 4.4, 2019-08-02)
cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240).
- CVE-2017-18583 (CRITICAL, CVSS 9.8, EG 9.8, 2019-08-22)
The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection.
- CVE-2017-18604 (HIGH, CVSS 7.5, EG 7.5, 2019-09-10)
The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request.
- CVE-2017-18605 (CRITICAL, CVSS 9.8, EG 9.8, 2019-09-10)
The gravitate-qa-tracker plugin through 1.2.1 for WordPress has PHP Object Injection.