CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,076 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 9 of 102
- CVE-2020-22275HIGHCVSS 8.8EG 8.82020-11-04
Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on th…
- CVE-2020-22277HIGHCVSS 8.0EG 8.02020-11-04
Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile.
- CVE-2020-23050HIGHCVSS 8.0EG 8.02021-10-22
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, exter…
- CVE-2020-23148HIGHCVSS 7.5EG 7.52021-08-09
The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request.
- CVE-2020-24275MEDIUMCVSS 6.5EG 6.52023-07-20
A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted URL.
- CVE-2020-24364HIGHCVSS 8.8EG 8.82020-08-24
MineTime through 1.8.5 allows arbitrary command execution via the notes field in a meeting. Could lead to RCE via meeting invite.
- CVE-2020-24821MEDIUMCVSS 5.5EG 5.52021-08-04
A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
- CVE-2020-24822MEDIUMCVSS 5.5EG 5.52021-08-04
A vulnerability in the dwarf::cursor::uleb function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
- CVE-2020-24823MEDIUMCVSS 5.5EG 5.52021-08-04
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
- CVE-2020-24825MEDIUMCVSS 5.5EG 5.52021-08-04
A vulnerability in the line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
- CVE-2020-24826MEDIUMCVSS 5.5EG 5.52021-08-04
A vulnerability in the elf::section::as_strtab function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
- CVE-2020-25048MEDIUMCVSS 4.6EG 4.62020-08-31
An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 (August 2020).
- CVE-2020-25067CRITICALCVSS 9.6EG 9.62020-09-01
NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker.
- CVE-2020-25094CRITICALCVSS 9.8EG 9.82020-12-17
LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent insta…
- CVE-2020-25268HIGHCVSS 8.8EG 8.82020-11-10
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.
- CVE-2020-25596MEDIUMCVSS 5.5EG 5.52020-09-23
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a…
- CVE-2020-25768MEDIUMCVSS 5.3EG 5.32020-10-07
Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.
- CVE-2020-25967HIGHCVSS 8.8EG 8.82020-12-10
The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.
- CVE-2020-26049MEDIUMCVSS 6.1EG 6.12020-12-21
Nifty-PM CPE 2.3 is affected by stored HTML injection. The impact is remote arbitrary code execution.
- CVE-2020-26081MEDIUMCVSS 6.1EG 6.12020-11-18
Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. The vulnerabilities are due…
- CVE-2020-26116HIGHCVSS 7.2EG 7.22020-09-27
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in t…
- CVE-2020-26137MEDIUMCVSS 6.5EG 6.52020-09-30
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
- CVE-2020-26142MEDIUMCVSS 5.3EG 5.32021-05-11
An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configur…
- CVE-2020-26222HIGHCVSS 8.7EG 8.72020-11-13
Dependabot is a set of packages for automated dependency management for Ruby, JavaScript, Python, PHP, Elixir, Rust, Java, .NET, Elm and Go. In Dependabot-Core from version 0.119.0.beta1 before version 0.125.1, there is a remote code execu…
- CVE-2020-26238HIGHCVSS 7.9EG 7.92020-11-25
Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. This enables attackers to inject arbitra…
- CVE-2020-26260MEDIUMCVSS 6.4EG 6.42020-12-09
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URL's to manipulate functionality in the exporting system,…
- CVE-2020-26282CRITICALCVSS 10.0EG 10.02020-12-24
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Se…
- CVE-2020-26293MEDIUMCVSS 6.1EG 6.12021-01-04
HtmlSanitizer is a .NET library for cleaning HTML fragments and documents from constructs that can lead to XSS attacks. In HtmlSanitizer before version 5.0.372, there is a possible XSS bypass if style tag is allowed. If you have explicitly…
- CVE-2020-26298MEDIUMCVSS 6.8EG 6.82021-01-11
Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when proc…
- CVE-2020-26884MEDIUMCVSS 6.1EG 6.12020-11-18
RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user into executing malicious JavaScript code i…
- CVE-2020-27211MEDIUMCVSS 5.7EG 5.72021-05-21
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase.
- CVE-2020-27212HIGHCVSS 7.0EG 7.02021-05-21
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by in…
- CVE-2020-27260MEDIUMCVSS 5.3EG 5.32021-01-08
Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments in…
- CVE-2020-27602CRITICALCVSS 9.8EG 9.82022-09-29
BigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in meetingId, userId, and authToken.
- CVE-2020-27627MEDIUMCVSS 6.1EG 6.12020-11-16
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
- CVE-2020-27687HIGHCVSS 8.8EG 8.82020-12-18
ThingsBoard before v3.2 is vulnerable to Host header injection in password-reset emails. This allows an attacker to send malicious links in password-reset emails to victims, pointing to an attacker-controlled server. Lack of validation of …
- CVE-2020-28031MEDIUMCVSS 4.3EG 4.32020-11-02
eramba through c2.8.1 allows HTTP Host header injection with (for example) resultant wkhtml2pdf PDF printing by authenticated users.
- CVE-2020-28246CRITICALCVSS 9.8EG 9.82022-06-02
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL. NOTE: the email templating service was removed after 2020. Additionally, the ve…
- CVE-2020-28328HIGHCVSS 8.8EG 8.82020-11-06
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled .php file under t…
- CVE-2020-28468HIGHCVSS 8.1EG 8.12021-01-08
This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.
- CVE-2020-28848HIGHCVSS 8.8EG 8.82023-08-11
CSV Injection vulnerability in ChurchCRM version 4.2.0, allows remote attackers to execute arbitrary code via crafted CSV file.
- CVE-2020-29135MEDIUMCVSS 4.1EG 4.12020-11-27
cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567).
- CVE-2020-29655HIGHCVSS 7.5EG 7.52020-12-09
An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing Main_Login.asp?flag=1&productname=FOOBAR&url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter pro…
- CVE-2020-3246MEDIUMCVSS 4.3EG 4.32020-05-06
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insuffici…
- CVE-2020-35213HIGHCVSS 8.1EG 8.12021-12-16
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node.
- CVE-2020-35226HIGHCVSS 7.1EG 7.12021-03-10
NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command.
- CVE-2020-35564HIGHCVSS 7.5EG 7.52021-02-16
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.
- CVE-2020-35608HIGHCVSS 7.8EG 7.82020-12-22
A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with control…
- CVE-2020-35609MEDIUMCVSS 5.5EG 5.52020-12-22
A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vu…
- CVE-2020-3561MEDIUMCVSS 4.7EG 4.72020-10-21
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in th…
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →