CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,082 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 19 of 102
- CVE-2022-45801MEDIUMCVSS 5.4EG 5.42023-05-01
Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability. LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize use…
- CVE-2022-45910MEDIUMCVSS 5.3EG 5.32022-12-07
Improper neutralization of special elements used in an LDAP query ('LDAP Injection') vulnerability in ActiveDirectory and Sharepoint ActiveDirectory authority connectors of Apache ManifoldCF allows an attacker to manipulate the LDAP search…
- CVE-2022-46162HIGHCVSS 8.8EG 8.82022-11-30
discourse-bbcode is the official BBCode plugin for Discourse. Prior to commit 91478f5, CSS injection can occur when rendering content generated with the discourse-bccode plugin. This vulnerability only affects sites which have the discours…
- CVE-2022-46169CRITICALCVSS 9.8EG 9.8⚠ KEV2022-12-05
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbit…
- CVE-2022-46180MEDIUMCVSS 5.0EG 5.02023-01-04
Discourse Mermaid (discourse-mermaid-theme-component) allows users of Discourse, open-source forum software, to create graphs using the Mermaid syntax. Users of discourse-mermaid-theme-component version 1.0.0 who can create posts are able …
- CVE-2022-46265MEDIUMCVSS 5.4EG 6.12022-12-13
A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to mal…
- CVE-2022-46337CRITICALCVSS 9.8EG 9.82023-11-20
A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, thi…
- CVE-2022-46873HIGHCVSS 8.8EG 8.82022-12-22
Because Firefox did not implement the <code>unsafe-hashes</code> CSP directive, an attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject executable script. This wou…
- CVE-2022-47028MEDIUMCVSS 5.5EG 5.52023-05-30
An issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of service via arbitary data injection to function insert.
- CVE-2022-47052MEDIUMCVSS 6.1EG 6.12023-01-26
The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerab…
- CVE-2022-47083HIGHCVSS 8.8EG 8.82023-01-10
A PHP Object Injection vulnerability in the unserialize() function Spitfire CMS v1.0.475 allows authenticated attackers to execute arbitrary code via sending crafted requests to the web application.
- CVE-2022-47583CRITICALCVSS 9.8EG 9.82023-10-19
Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal.
- CVE-2022-4768MEDIUMCVSS 6.3EG 9.82022-12-27
A vulnerability was found in Dropbox merou. It has been classified as critical. Affected is the function add_public_key of the file grouper/public_key.py of the component SSH Public Key Handler. The manipulation of the argument public_key_…
- CVE-2022-4864MEDIUMCVSS 5.4EG 5.42022-12-30
Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.
- CVE-2023-0040HIGHCVSS 7.5EG 7.52023-01-18
Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to …
- CVE-2023-0302HIGHCVSS 7.8EG 7.82023-01-15
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.
- CVE-2023-0476MEDIUMCVSS 6.5EG 6.52023-01-26
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through bli…
- CVE-2023-0493MEDIUMCVSS 5.3EG 5.32023-01-26
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
- CVE-2023-1059MEDIUMCVSS 6.3EG 8.82023-02-27
A vulnerability classified as critical was found in SourceCodester Doctors Appointment System 1.0. This vulnerability affects unknown code of the file /admin/doctors.php of the component Parameter Handler. The manipulation of the argument …
- CVE-2023-1061MEDIUMCVSS 6.3EG 8.82023-02-27
A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some unknown processing of the file /admin/edit-doc.php. The manipulation of the argument email/oldmail …
- CVE-2023-1287CRITICALCVSS 9.0EG 9.82023-03-09
An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution.
- CVE-2023-1523CRITICALCVSS 10.0EG 10.02023-09-01
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphica…
- CVE-2023-20057NONECVSS 0.0EG 5.32023-01-20
A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerabi…
- CVE-2023-20858HIGHCVSS 7.2EG 7.22023-02-22
VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use …
- CVE-2023-22522HIGHCVSS 8.8EG 9.02023-12-06
This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE…
- CVE-2023-22527CRITICALCVSS 9.8EG 10.0⚠ KEV2024-01-16
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most rece…
- CVE-2023-22621HIGHCVSS 7.2EG 9.02023-04-19
Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that execut…
- CVE-2023-2373HIGHCVSS 8.8EG 6.32023-04-28
A vulnerability was identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This vulnerability affects unknown code of the component Web Management Interface. Such manipulation of the argument ecn-up leads to command injection. The attac…
- CVE-2023-23738MEDIUMCVSS 5.3EG 5.32024-06-03
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Brainstorm Force Spectra allows Content Spoofing, Phishing.This issue affects Spectra: from n/a through 2.3.0.
- CVE-2023-2374HIGHCVSS 8.8EG 6.32023-04-28
A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This issue affects some unknown processing of the component Web Management Interface. Performing a manipulation of the argument ecn-down results in command …
- CVE-2023-23749HIGHCVSS 7.5EG 7.52023-01-17
The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. An attacker can manipulate this paramter to dump ar…
- CVE-2023-2375HIGHCVSS 8.8EG 6.32023-04-28
A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is poss…
- CVE-2023-2376HIGHCVSS 8.8EG 6.32023-04-28
A security vulnerability has been detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The affected element is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injectio…
- CVE-2023-2377HIGHCVSS 8.8EG 6.32023-04-28
A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The atta…
- CVE-2023-2378HIGHCVSS 8.8EG 6.32023-04-28
A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be i…
- CVE-2023-23936MEDIUMCVSS 6.5EG 6.52023-02-16
Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a wo…
- CVE-2023-24040HIGHCVSS 7.1EG 7.12023-01-21
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat (an invoked external command) during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via t…
- CVE-2023-24539HIGHCVSS 7.3EG 7.32023-05-11
Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection o…
- CVE-2023-24540CRITICALCVSS 9.8EG 9.82023-05-11
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not b…
- CVE-2023-25141HIGHCVSS 7.5EG 7.52023-02-14
Apache Sling JCR Base < 3.1.12 has a critical injection vulnerability when running on old JDK versions (JDK 1.8.191 or earlier) through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an …
- CVE-2023-25613CRITICALCVSS 9.8EG 9.82023-02-20
An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3.
- CVE-2023-25616CRITICALCVSS 9.9EG 8.82023-03-14
In some scenario, SAP Business Objects Business Intelligence Platform (CMC) - versions 420, 430, Program Object execution can lead to code injection vulnerability which could allow an attacker to gain access to resources that are allowed …
- CVE-2023-25617CRITICALCVSS 9.0EG 8.82023-03-14
SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central…
- CVE-2023-25719HIGHCVSS 8.8EG 8.82023-02-13
ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code in…
- CVE-2023-26127HIGHCVSS 7.8EG 7.82023-05-27
All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs…
- CVE-2023-26130HIGHCVSS 7.5EG 7.52023-05-30
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical erro…
- CVE-2023-26138MEDIUMCVSS 5.4EG 5.42023-07-06
All versions of the package drogonframework/drogon are vulnerable to CRLF Injection when untrusted user input is used to set request headers in the addHeader function. An attacker can add the \r\n (carriage return line feeds) characters an…
- CVE-2023-26142MEDIUMCVSS 6.5EG 6.12023-09-12
All versions of the package crow are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values. Header values are not properly sanitized against CRLF Injection in the set_header and add_header functions…
- CVE-2023-26148MEDIUMCVSS 5.4EG 5.42023-09-29
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the …
- CVE-2023-26261CRITICALCVSS 9.8EG 9.82023-03-08
In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →