CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,077 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 10 of 102
- CVE-2020-35669MEDIUMCVSS 6.1EG 6.12020-12-24
An issue was discovered in the http package through 0.12.2 for Dart. If the attacker controls the HTTP method and the app is using Request directly, it's possible to achieve CRLF injection in an HTTP request.
- CVE-2020-35734HIGHCVSS 7.2EG 7.22021-02-15
Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitra…
- CVE-2020-35754HIGHCVSS 7.2EG 7.22021-01-28
OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab.
- CVE-2020-35775CRITICALCVSS 9.8EG 9.82021-02-15
CITSmart before 9.1.2.23 allows LDAP Injection.
- CVE-2020-35938HIGHCVSS 7.5EG 7.52021-01-01
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted pay…
- CVE-2020-36144MEDIUMCVSS 5.3EG 5.32021-03-18
Redash 8.0.0 is affected by LDAP Injection. There is an information leak through the crafting of special queries, escaping the provided template since the username included in the search filter lacks sanitization.
- CVE-2020-36308MEDIUMCVSS 5.3EG 5.32021-04-06
Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries.
- CVE-2020-36531MEDIUMCVSS 6.3EG 8.82022-06-07
A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escalation. The attack may be initiated remot…
- CVE-2020-36618MEDIUMCVSS 6.3EG 6.32022-12-19
A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype p…
- CVE-2020-3760CRITICALCVSS 9.8EG 9.82020-02-13
Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2020-3884MEDIUMCVSS 6.1EG 6.12020-04-01
An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution.
- CVE-2020-3924MEDIUMCVSS 6.4EG 6.42020-02-27
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.
- CVE-2020-3956HIGHCVSS 8.8EG 8.82020-05-20
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send mal…
- CVE-2020-4027MEDIUMCVSS 4.7EG 4.72020-07-01
Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros. The af…
- CVE-2020-4161MEDIUMCVSS 6.5EG 6.52020-02-19
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID: 174341.
- CVE-2020-4210CRITICALCVSS 9.8EG 9.82020-02-24
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the …
- CVE-2020-4211CRITICALCVSS 9.8EG 9.82020-02-24
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the …
- CVE-2020-4212CRITICALCVSS 9.8EG 9.82020-02-24
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the …
- CVE-2020-4213CRITICALCVSS 9.8EG 9.82020-02-24
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the …
- CVE-2020-4222CRITICALCVSS 9.8EG 9.82020-02-24
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the …
- CVE-2020-4271MEDIUMCVSS 6.3EG 6.32020-04-15
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-ForceID: 175897.
- CVE-2020-4432HIGHCVSS 7.5EG 7.52020-06-10
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.
- CVE-2020-4589CRITICALCVSS 9.8EG 9.82020-08-13
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
- CVE-2020-4627CRITICALCVSS 9.0EG 9.02020-11-30
IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 185367.
- CVE-2020-4689MEDIUMCVSS 6.8EG 6.82020-10-12
IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote privileged attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-ForceID: 186696.
- CVE-2020-4740MEDIUMCVSS 5.2EG 5.22020-10-12
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hostin…
- CVE-2020-4774MEDIUMCVSS 5.4EG 5.42020-10-12
An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to obt…
- CVE-2020-4851MEDIUMCVSS 5.5EG 5.52021-03-16
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.
- CVE-2020-5019MEDIUMCVSS 6.5EG 6.52021-01-08
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerabi…
- CVE-2020-5216MEDIUMCVSS 4.4EG 4.42020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline cou…
- CVE-2020-5217MEDIUMCVSS 4.4EG 4.42020-01-23
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon c…
- CVE-2020-5219HIGHCVSS 8.7EG 8.72020-01-24
Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. If running angular-expressions in the bro…
- CVE-2020-5230HIGHCVSS 7.7EG 7.72020-01-30
Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may l…
- CVE-2020-5245HIGHCVSS 7.9EG 7.92020-02-24
Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-va…
- CVE-2020-5246HIGHCVSS 7.7EG 7.72020-07-14
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and …
- CVE-2020-5247MEDIUMCVSS 6.5EG 6.52020-02-28
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious conten…
- CVE-2020-5249MEDIUMCVSS 6.5EG 6.52020-03-02
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional hea…
- CVE-2020-5259HIGHCVSS 7.7EG 7.72020-03-10
In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An …
- CVE-2020-5304HIGHCVSS 7.5EG 7.52020-06-08
The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with o…
- CVE-2020-5323MEDIUMCVSS 5.4EG 8.12021-07-19
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability. A remote authenticated malicious user with low privileges could potentially …
- CVE-2020-5336MEDIUMCVSS 4.6EG 4.62020-05-04
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious JavaScript code on t…
- CVE-2020-5505CRITICALCVSS 9.8EG 9.82020-01-14
Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring (in conjunction with "type":"application/x-php"} to the /api/files/ URI.
- CVE-2020-5558HIGHCVSS 8.8EG 8.82020-03-25
CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via unspecified vectors.
- CVE-2020-5574MEDIUMCVSS 5.3EG 5.32020-05-14
HTML attribute value injection vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7…
- CVE-2020-5593HIGHCVSS 8.8EG 8.82020-06-11
Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file.
- CVE-2020-5599CRITICALCVSS 9.8EG 9.82020-07-07
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model) contains an improper neutralization of argument delimiters in a command…
- CVE-2020-5601HIGHCVSS 8.8EG 8.82020-06-30
Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote attackers to execute an arbitrary command via unspecified vectors.
- CVE-2020-5604HIGHCVSS 8.1EG 8.12020-07-09
Android App 'Mercari' (Japan version) prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView.
- CVE-2020-5821HIGHCVSS 7.8EG 7.82020-02-11
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of i…
- CVE-2020-6243HIGHCVSS 8.8EG 8.82020-05-12
Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attac…
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →