CWE-235
3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-235
- CVE-2017-20160 | MEDIUM | CVSS 6.3 | EG 6.3 | 2022-12-31
A vulnerability was found in flitto express-param up to 0.x. It has been classified as critical. This affects an unknown part of the file lib/fetchParams.js. The manipulation leads to improper handling of extra parameters. It is possible t…
- CVE-2024-47651 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-10-04
This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. An authenticated remote attacker could exploit this vulnerability by including multiple “userid” parameters in th…
- CVE-2026-27851 | HIGH | CVSS 7.4 | EG 7.4 | 2026-05-12
When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentic…