CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,082 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 14 of 102
- CVE-2021-31988HIGHCVSS 8.8EG 8.82021-10-05
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.
- CVE-2021-32499HIGHCVSS 7.5EG 7.52021-12-17
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to pass in any value to the Emulator executable.
- CVE-2021-32558HIGHCVSS 7.5EG 7.52021-07-30
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsu…
- CVE-2021-32622MEDIUMCVSS 4.2EG 4.22021-05-17
Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can on…
- CVE-2021-32642HIGHCVSS 7.0EG 7.02021-05-28
radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dynsrv.sh` scripts can lead to configuration injection via crafted ra…
- CVE-2021-32647HIGHCVSS 8.0EG 8.02021-06-01
Emissary is a P2P based data-driven workflow engine. Affected versions of Emissary are vulnerable to post-authentication Remote Code Execution (RCE). The [`CreatePlace`](https://github.com/NationalSecurityAgency/emissary/blob/30c54ef16c6eb…
- CVE-2021-32649HIGHCVSS 8.8EG 8.82022-01-14
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with "create, modify and delete website pages" privileges in the backend is able to …
- CVE-2021-32650HIGHCVSS 8.8EG 8.82022-01-14
October CMS is a self-hosted content management system (CMS) platform based on the Laravel PHP Framework. Prior to versions 1.0.473 and 1.1.6, an attacker with access to the backend is able to execute PHP code by using the theme import fea…
- CVE-2021-32756HIGHCVSS 8.8EG 8.82021-07-21
ManageIQ is an open-source management platform. In versions prior to jansa-4, kasparov-2, and lasker-1, there is a flaw in the MiqExpression module of ManageIQ where a low privilege user could enter a crafted Ruby string which would be eva…
- CVE-2021-32827MEDIUMCVSS 6.1EG 6.12021-08-16
MockServer is open source software which enables easy mocking of any system you integrate with via HTTP or HTTPS. An attacker that can trick a victim into visiting a malicious site while running MockServer locally, will be able to run arbi…
- CVE-2021-33195HIGHCVSS 7.3EG 7.32021-08-02
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.
- CVE-2021-33621HIGHCVSS 8.8EG 8.82022-11-18
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie o…
- CVE-2021-33668HIGHCVSS 7.5EG 7.52021-06-09
Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application.
- CVE-2021-34079CRITICALCVSS 9.8EG 9.82022-06-02
OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.
- CVE-2021-34083HIGHCVSS 8.1EG 8.12022-06-02
Google-it is a Node.js package which allows its users to send search queries to Google and receive the results in a JSON format. When using the 'Open in browser' option in versions up to 1.6.2, google-it will unsafely concat the result's l…
- CVE-2021-34419LOWCVSS 3.7EG 3.72021-11-11
In the Zoom Client for Meetings for Ubuntu Linux before version 5.1.0, there is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This could allow meeting participants to be…
- CVE-2021-3524MEDIUMCVSS 6.5EG 6.52021-05-17
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag…
- CVE-2021-35450HIGHCVSS 7.2EG 7.22021-08-02
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute FreeMarker template with command execution via freemarker.template.utility.Execute
- CVE-2021-35504HIGHCVSS 7.2EG 7.22021-10-05
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary.
- CVE-2021-35505HIGHCVSS 7.2EG 7.22021-10-05
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.
- CVE-2021-36313CRITICALCVSS 9.1EG 9.12021-11-23
Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the applicatio…
- CVE-2021-36322MEDIUMCVSS 6.1EG 6.12021-11-20
Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary host header values to poison the…
- CVE-2021-36348HIGHCVSS 8.1EG 8.12022-01-25
iDRAC9 versions prior to 5.00.20.00 contain an input injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supp…
- CVE-2021-36381MEDIUMCVSS 5.3EG 5.32021-07-12
In Edifecs Transaction Management through 2021-07-12, an unauthenticated user can inject arbitrary text into a user's browser via logon.jsp?logon_error= on the login screen of the Web application.
- CVE-2021-36668HIGHCVSS 7.8EG 7.82022-07-12
URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App.
- CVE-2021-36697MEDIUMCVSS 6.7EG 6.72021-11-03
With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this ne…
- CVE-2021-36913HIGHCVSS 7.5EG 7.52022-10-11
Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional e…
- CVE-2021-37033HIGHCVSS 7.5EG 7.52021-11-23
There is an Injection attack vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
- CVE-2021-37040CRITICALCVSS 9.8EG 9.82021-12-08
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.
- CVE-2021-37262HIGHCVSS 7.5EG 7.52021-12-16
JFinal_cms 5.1.0 is vulnerable to regex injection that may lead to Denial of Service.
- CVE-2021-37499MEDIUMCVSS 6.5EG 6.52023-01-20
CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers.
- CVE-2021-37541MEDIUMCVSS 6.1EG 6.12021-08-06
In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.
- CVE-2021-37933HIGHCVSS 7.5EG 7.52021-10-14
An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypass authentication. The vulnerability is due to insufficient ser…
- CVE-2021-38084HIGHCVSS 8.1EG 8.12021-08-03
An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session.
- CVE-2021-38290HIGHCVSS 8.1EG 8.12021-08-09
A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing.
- CVE-2021-38294CRITICALCVSS 9.8EG 9.82021-10-25
A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RC…
- CVE-2021-38371HIGHCVSS 7.5EG 7.52021-08-10
The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.
- CVE-2021-38395CRITICALCVSS 9.1EG 9.82022-10-28
Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition.
- CVE-2021-38458CRITICALCVSS 9.8EG 9.82021-10-12
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries.
- CVE-2021-38873HIGHCVSS 7.8EG 7.82021-11-24
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 208396.
- CVE-2021-39028MEDIUMCVSS 5.4EG 5.42022-07-14
IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various a…
- CVE-2021-39031HIGHCVSS 8.8EG 8.82022-01-25
IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could res…
- CVE-2021-39114HIGHCVSS 8.8EG 8.82022-04-05
Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to execute arbitrary Java code or run arbitrary system commands by injecting an OGNL payload. The affect…
- CVE-2021-39128HIGHCVSS 7.2EG 7.22021-09-16
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in t…
- CVE-2021-39175HIGHCVSS 8.1EG 8.12021-08-30
HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code …
- CVE-2021-39187HIGHCVSS 7.5EG 7.52021-09-02
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version 4.10.3, Parse Server crashes when if a query request contains an invalid value for the `explain` option. This is due t…
- CVE-2021-39213MEDIUMCVSS 6.8EG 6.82021-09-15
GLPI is a free Asset and IT management software package. Starting in version 9.1 and prior to version 9.5.6, GLPI with API Rest enabled is vulnerable to API bypass with custom header injection. This issue is fixed in version 9.5.6. One may…
- CVE-2021-39910LOWCVSS 2.6EG 4.32021-12-13
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab was vulnerable to HTML Injection thr…
- CVE-2021-40143HIGHCVSS 8.2EG 8.22021-09-07
Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
- CVE-2021-40336MEDIUMCVSS 5.0EG 8.82022-07-25
A vulnerability exists in the http web interface where the web interface does not validate data in an HTTP header. This causes a possible HTTP response splitting, which if exploited could lead an attacker to channel down harmful code into …
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →