CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,082 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 17 of 102
- CVE-2022-30506CRITICALCVSS 9.8EG 9.82022-06-02
An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.
- CVE-2022-3060HIGHCVSS 7.3EG 7.32022-10-17
Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests
- CVE-2022-3080HIGHCVSS 7.5EG 7.52022-09-21
By sending specific queries to the resolver, an attacker can cause named to crash.
- CVE-2022-30991MEDIUMCVSS 6.1EG 6.12022-05-18
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
- CVE-2022-31014MEDIUMCVSS 5.4EG 5.42022-07-05
Nextcloud server is an open source personal cloud server. Affected versions were found to be vulnerable to SMTP command injection. The impact varies based on which commands are supported by the backend SMTP server. However, the main risk h…
- CVE-2022-31086HIGHCVSS 8.8EG 8.82022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. T…
- CVE-2022-31087HIGHCVSS 7.8EG 7.82022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (…
- CVE-2022-31088MEDIUMCVSS 5.3EG 5.32022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the …
- CVE-2022-31108MEDIUMCVSS 4.1EG 4.12022-06-28
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. An attacker is able to inject arbitrary `CSS` into the generated graph allowing …
- CVE-2022-31126CRITICALCVSS 10.0EG 10.02022-07-06
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/…
- CVE-2022-31179HIGHCVSS 8.1EG 8.12022-08-01
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape (any API function) to escape arguments for cmd.exe on Windows An …
- CVE-2022-31180CRITICALCVSS 9.8EG 9.82022-08-01
Shescape is a simple shell escape package for JavaScript. Affected versions were found to have insufficient escaping of white space when interpolating output. This issue only impacts users that use the `escape` or `escapeAll` functions wit…
- CVE-2022-31181CRITICALCVSS 9.8EG 9.82022-08-01
PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed…
- CVE-2022-31593HIGHCVSS 8.8EG 8.82022-07-12
SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
- CVE-2022-31631CRITICALCVSS 9.1EG 9.12025-02-12
In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which…
- CVE-2022-31657CRITICALCVSS 9.8EG 9.82022-08-05
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.
- CVE-2022-31658HIGHCVSS 7.2EG 7.22022-08-05
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
- CVE-2022-31665HIGHCVSS 7.2EG 7.22022-08-05
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
- CVE-2022-31777MEDIUMCVSS 5.4EG 5.42022-11-01
A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which woul…
- CVE-2022-3215HIGHCVSS 7.5EG 7.52022-09-28
NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 respo…
- CVE-2022-32269CRITICALCVSS 9.8EG 9.82022-06-03
In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.
- CVE-2022-3236CRITICALCVSS 9.8EG 9.8⚠ KEV2022-09-23
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
- CVE-2022-32453MEDIUMCVSS 6.5EG 6.52022-08-18
HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified vectors.
- CVE-2022-32534HIGHCVSS 8.8EG 9.82022-06-23
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
- CVE-2022-33011HIGHCVSS 8.8EG 8.82022-07-08
Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack.
- CVE-2022-33012HIGHCVSS 8.8EG 8.82022-11-22
Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.
- CVE-2022-33900MEDIUMCVSS 4.1EG 7.22022-08-22
PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
- CVE-2022-34160MEDIUMCVSS 5.4EG 5.42022-07-08
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. I…
- CVE-2022-34165MEDIUMCVSS 5.4EG 5.42022-09-09
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct …
- CVE-2022-34294CRITICALCVSS 9.8EG 9.82022-08-15
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
- CVE-2022-34306MEDIUMCVSS 5.4EG 5.42022-07-08
IBM CICS TX Standard and Advanced 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cro…
- CVE-2022-34466MEDIUMCVSS 6.5EG 6.52022-07-12
A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 < V9.15), Mendix Applications using Mendix 9 (V9.12) (All versions < V9.12.3). An expression injection vulnerability was discovered in the Wor…
- CVE-2022-34773MEDIUMCVSS 4.9EG 9.82022-08-22
Tabit - HTTP Method manipulation. https://bridge.tabit.cloud/configuration/addresses-query - can be POST-ed to add addresses to the DB. This is an example of OWASP:API8 – Injection.
- CVE-2022-34903MEDIUMCVSS 6.5EG 6.52022-07-01
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
- CVE-2022-34914CRITICALCVSS 9.8EG 9.82022-07-08
Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For head…
- CVE-2022-34966HIGHCVSS 7.5EG 7.52022-07-25
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.
- CVE-2022-35246MEDIUMCVSS 4.3EG 4.32022-09-23
A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to a…
- CVE-2022-35507HIGHCVSS 7.1EG 7.12022-12-04
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, ca…
- CVE-2022-35735HIGHCVSS 7.2EG 7.22022-08-04
In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor object…
- CVE-2022-35739MEDIUMCVSS 5.3EG 5.32022-10-25
PRTG Network Monitor through 22.2.77.2204 does not prevent custom input for a device’s icon, which can be modified to insert arbitrary content into the style tag for that device. When the device page loads, the arbitrary Cascading Style …
- CVE-2022-35914CRITICALCVSS 9.8EG 9.8⚠ KEV2022-09-19
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
- CVE-2022-35948MEDIUMCVSS 5.3EG 5.32022-08-15
undici is an HTTP/1.1 client, written from scratch for Node.js.`=< [email protected]` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. Exam…
- CVE-2022-35954MEDIUMCVSS 5.0EG 5.02022-08-15
The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The `core.exportVariable` function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other …
- CVE-2022-3607MEDIUMCVSS 6.0EG 6.02022-10-19
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository octoprint/octoprint prior to 1.8.3.
- CVE-2022-36084CRITICALCVSS 9.9EG 9.92022-09-08
cruddl is software for creating a GraphQL API for a database, using the GraphQL SDL to model a schema. If cruddl starting with version 1.1.0 and prior to versions 2.7.0 and 3.0.2 is used to generate a schema that uses `@flexSearchFulltext`…
- CVE-2022-36302HIGHCVSS 8.8EG 5.42022-08-01
File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information.
- CVE-2022-36323CRITICALCVSS 9.1EG 7.22022-08-10
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
- CVE-2022-3643MEDIUMCVSS 6.5EG 10.02022-12-07
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) a…
- CVE-2022-36775MEDIUMCVSS 6.5EG 6.52023-02-17
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks aga…
- CVE-2022-37027HIGHCVSS 7.2EG 7.22022-09-21
Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. Administrators that can modify the Runtime Options in the web interface can inject Java Runtime Options. These take effect after a restart. Fo…
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →