CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,086 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 28 of 102
- CVE-2024-28234MEDIUMCVSS 4.3EG 4.32024-04-09
Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao…
- CVE-2024-2881MEDIUMCVSS 6.7EG 6.72024-08-30
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information…
- CVE-2024-28867MEDIUMCVSS 5.9EG 5.92024-03-29
Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies _un-sanitized string values into metric names or labels_, an attacker could make use of this and sen…
- CVE-2024-29027CRITICALCVSS 9.0EG 9.02024-03-19
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 6.5.5 and 7.0.0-alpha.29, calling an invalid Parse Server Cloud Function name or Cloud Job name crashes the server an…
- CVE-2024-29643CRITICALCVSS 9.1EG 9.12025-04-18
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component.
- CVE-2024-29896HIGHCVSS 7.5EG 7.52024-03-28
Astro-Shield is a library to compute the subresource integrity hashes for your JS scripts and CSS stylesheets. When automated CSP headers generation for SSR content is enabled and the web application serves content that can be partially co…
- CVE-2024-31882MEDIUMCVSS 5.3EG 5.32024-08-14
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a specially crafted SQL statement by an aut…
- CVE-2024-32986CRITICALCVSS 9.6EG 9.62024-05-03
PWAsForFirefox is a tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox. Due to improper sanitization of web app properties (such as name, description, shortcuts), web apps were able to inject additional lines in…
- CVE-2024-3366LOWCVSS 3.5EG 3.52024-04-06
A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipula…
- CVE-2024-34062MEDIUMCVSS 4.8EG 4.82024-05-03
tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally ex…
- CVE-2024-34448HIGHCVSS 8.8EG 8.82024-05-22
Ghost before 5.82.0 allows CSV Injection during a member CSV export.
- CVE-2024-34544CRITICALCVSS 9.1EG 9.12025-01-14
A command injection vulnerability exists in the wireless.cgi AddMac() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP …
- CVE-2024-34697HIGHCVSS 7.6EG 7.62024-05-14
FreeScout is a free, self-hosted help desk and shared mailbox. A stored HTML Injection vulnerability has been identified in the Email Receival Module of the Freescout Application. The vulnerability allows attackers to inject malicious HTML…
- CVE-2024-34919CRITICALCVSS 9.8EG 9.82024-05-17
An arbitrary file upload vulnerability in the component \modstudent\controller.php of Pisay Online E-Learning System using PHP/MySQL v1.0 allows attackers to execute arbitrary code via uploading a crafted file.
- CVE-2024-35059HIGHCVSS 7.5EG 9.82024-05-21
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.
- CVE-2024-35728MEDIUMCVSS 5.3EG 5.32024-06-10
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a through 32.0.20.
- CVE-2024-35777LOWCVSS 3.5EG 3.52024-07-09
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Automattic WooCommerce allows Content Spoofing.This issue affects WooCommerce: from n/a through 8.9.2.
- CVE-2024-36295CRITICALCVSS 9.1EG 9.12025-01-14
A command execution vulnerability exists in the qos.cgi qos_sta() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP requ…
- CVE-2024-36420HIGHCVSS 7.5EG 7.52024-07-01
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, the `/api/v1/openai-assistants-file` endpoint in `index.ts` is vulnerable to arbitrary file read due to lack of sanitizat…
- CVE-2024-36522CRITICALCVSS 9.8EG 9.82024-07-12
The default configuration of XSLTResourceStream.java is vulnerable to remote code execution via XSLT injection when processing input from an untrusted source without validation. Users are recommended to upgrade to versions 10.1.0, 9.18.0 o…
- CVE-2024-37253LOWCVSS 2.7EG 2.72024-07-09
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in WpDirectoryKit WP Directory Kit allows Code Injection.This issue affects WP Directory Kit: from n/a through 1.3.6.
- CVE-2024-37442LOWCVSS 3.8EG 3.82024-07-09
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.…
- CVE-2024-3767MEDIUMCVSS 6.3EG 6.32024-04-15
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle/category leads to sql injection. The attac…
- CVE-2024-37759CRITICALCVSS 9.8EG 9.82024-06-24
DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface.
- CVE-2024-38366CRITICALCVSS 10.0EG 10.02024-07-01
trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate th…
- CVE-2024-38700MEDIUMCVSS 6.5EG 6.52024-07-12
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in realmag777 WPCS allows Code Injection.This issue affects WPCS: from n/a through 1.2.0.3.
- CVE-2024-39227CRITICALCVSS 9.8EG 9.82024-08-06
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contai…
- CVE-2024-39243CRITICALCVSS 9.8EG 9.82024-06-26
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save.
- CVE-2024-39320MEDIUMCVSS 6.1EG 6.12024-07-30
Discourse is an open source discussion platform. Prior to 3.2.5 and 3.3.0.beta5, the vulnerability allows an attacker to inject iframes from any domain, bypassing the intended restrictions enforced by the allowed_iframes setting. This vuln…
- CVE-2024-39604CRITICALCVSS 9.0EG 9.02025-01-14
A command execution vulnerability exists in the update_filter_url.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can perform a man-in-the-middle …
- CVE-2024-39704CRITICALCVSS 9.8EG 9.82024-06-28
Soft Circle French-Bread Melty Blood: Actress Again: Current Code through 1.07 Rev. 1.4.0 allows a remote attacker to execute arbitrary code on a client's machine via a crafted packet on TCP port 46318.
- CVE-2024-39784CRITICALCVSS 9.1EG 9.12025-01-14
Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated H…
- CVE-2024-39785CRITICALCVSS 9.1EG 9.12025-01-14
Multiple command execution vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated H…
- CVE-2024-39906HIGHCVSS 8.3EG 8.32024-07-19
A command injection vulnerability was found in the IndieAuth functionality of the Ruby on Rails based Haven blog web application. The affected functionality requires authentication, but an attacker can craft a link that they can pass to a …
- CVE-2024-40137MEDIUMCVSS 5.5EG 5.52024-07-24
Dolibarr ERP CRM before 19.0.2-php8.2 was discovered to contain a remote code execution (RCE) vulnerability via the Computed field parameter under the Users Module Setup function.
- CVE-2024-40324MEDIUMCVSS 5.4EG 9.82024-07-25
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation.
- CVE-2024-40637MEDIUMCVSS 4.2EG 4.22024-07-16
dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and…
- CVE-2024-41111HIGHCVSS 7.2EG 7.22024-07-18
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver version 1.6.0 (prerelease) is vulnerable to RCE on the teamserver by a low-pri…
- CVE-2024-41121HIGHCVSS 8.8EG 8.82024-07-19
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent ex…
- CVE-2024-41122HIGHCVSS 7.5EG 7.52024-07-19
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent ex…
- CVE-2024-41127HIGHCVSS 8.3EG 8.32024-08-02
Monkeytype is a minimalistic and customizable typing test. Monkeytype is vulnerable to Poisoned Pipeline Execution through Code Injection in its ci-failure-comment.yml GitHub Workflow, enabling attackers to gain pull-requests write access.…
- CVE-2024-42472CRITICALCVSS 10.0EG 10.02024-08-15
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise…
- CVE-2024-42489CRITICALCVSS 10.0EG 10.02024-08-12
Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like…
- CVE-2024-42903MEDIUMCVSS 6.5EG 6.52024-09-03
A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806 and before allows attackers to send users a crafted password reset link that will direct victims to a malicious domain.
- CVE-2024-42914CRITICALCVSS 9.1EG 9.12024-08-23
A host header injection vulnerability exists in the forgot password functionality of ArrowCMS version 1.0.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users wh…
- CVE-2024-43388HIGHCVSS 8.8EG 8.82024-09-10
A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation.
- CVE-2024-43389HIGHCVSS 8.1EG 6.52024-09-10
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
- CVE-2024-43390HIGHCVSS 8.1EG 6.52024-09-10
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
- CVE-2024-43391HIGHCVSS 8.1EG 6.52024-09-10
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lea…
- CVE-2024-43392HIGHCVSS 8.1EG 6.52024-09-10
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP F…
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →