CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

ClassIncompleteLikelihood: High

Description

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

Hierarchy (View 1000)

Parents

CWE-707

Children

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-101 · CAPEC-105 · CAPEC-108 · CAPEC-120 · CAPEC-13 · CAPEC-135 · CAPEC-14 · CAPEC-24 · CAPEC-250 · CAPEC-267 · CAPEC-273 · CAPEC-28 · CAPEC-3 · CAPEC-34 · CAPEC-42 · CAPEC-43 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-51 · CAPEC-52 · CAPEC-53 · CAPEC-6 · CAPEC-64 · CAPEC-67 · CAPEC-7 · CAPEC-71 · CAPEC-72 · CAPEC-76 · CAPEC-78 · CAPEC-79 · CAPEC-8 · CAPEC-80 · CAPEC-83 · CAPEC-84 · CAPEC-9

CVEs mapped to this weakness (3,064)

page 139 of 154

CVE	Vendor / Product	Sev	CVSS	EPSS	Published	Description
CVE-2024-29643	Croogo Croogo		—	0.00	Apr 18, 2025	An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component.
CVE-2025-3163	Internlm Lmdeploy		—	0.00	Apr 3, 2025	A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local…
CVE-2025-27794	Flarum Framework		—	0.00	Mar 12, 2025	Flarum is open-source forum software. A session hijacking vulnerability exists in versions prior to 1.8.10 when an attacker-controlled authoritative subdomain under a parent domain (e.g., `subdomain.host.com`) sets cookies scoped to the parent domain (`.host.com`). This allows…
CVE-2025-1691	—		—	0.00	Feb 27, 2025	The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using…
CVE-2025-24959	Google Zx	Low	—	0.00	Feb 3, 2025	zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment variables into `process.env`. This can lead to arbitrary command execution or unexpected behavior in applications that rely on environment…
CVE-2024-43428	Moodle Moodle		—	0.00	Nov 7, 2024	To address a cache poisoning risk in Moodle, additional validation for local storage was required.
CVE-2024-10491	Express Express		—	0.00	Oct 29, 2024	A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in `Link` header values, which can allow a combination of…
CVE-2024-8309	Langchain AI Langchain		—	0.02	Oct 29, 2024	A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in…
CVE-2024-49381	Plentico Plenti		—	0.00	Oct 25, 2024	Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2…
CVE-2024-49380	Plentico Plenti		—	0.71	Oct 25, 2024	Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version…
CVE-2024-48927	Umbraco Umbraco CMS		—	0.02	Oct 22, 2024	Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There is a potential risk of code execution for Backoffice users when they…
CVE-2024-46983	Softstack Sofa Hessian		—	0.00	Sep 19, 2024	sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the…
CVE-2024-46986	Owen2345 Camaleon CMS		—	0.92	Sep 18, 2024	Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon…
CVE-2024-45612	Contao Contao CMS		—	0.01	Sep 17, 2024	Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable…
CVE-2024-8862	H2oai H2o 3		—	0.02	Sep 14, 2024	A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization.…
CVE-2024-45595	Man Group Dtale		—	0.02	Sep 10, 2024	D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default.
CVE-2024-45302	Sharp Restsharp		—	0.00	Aug 29, 2024	RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdateHeader` and `RestClient.AddDefaultHeader`. The way HTTP headers are added to a…
CVE-2024-26020	Ankitects Anki		—	0.03	Jul 22, 2024	An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.
CVE-2024-41122	Woodpecker Ci Woodpecker		—	0.00	Jul 19, 2024	Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to…
CVE-2024-41121	Woodpecker Ci Woodpecker		—	0.00	Jul 19, 2024	Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to…

CVE-2024-29643Apr 18, 2025
Croogo
Croogo
risk 0.00cvss —epss 0.00
An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component.
CVE-2025-3163Apr 3, 2025
Internlm
Lmdeploy
risk 0.00cvss —epss 0.00
A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local…
CVE-2025-27794Mar 12, 2025
Flarum
Framework
risk 0.00cvss —epss 0.00
Flarum is open-source forum software. A session hijacking vulnerability exists in versions prior to 1.8.10 when an attacker-controlled authoritative subdomain under a parent domain (e.g., `subdomain.host.com`) sets cookies scoped to the parent domain (`.host.com`). This allows…
CVE-2025-1691Feb 27, 2025
risk 0.00cvss —epss 0.00
The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using…
CVE-2025-24959LowFeb 3, 2025
Google
Zx
risk 0.00cvss —epss 0.00
zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment variables into `process.env`. This can lead to arbitrary command execution or unexpected behavior in applications that rely on environment…
CVE-2024-43428Nov 7, 2024
Moodle
Moodle
risk 0.00cvss —epss 0.00
To address a cache poisoning risk in Moodle, additional validation for local storage was required.
CVE-2024-10491Oct 29, 2024
Express
Express
risk 0.00cvss —epss 0.00
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in `Link` header values, which can allow a combination of…
CVE-2024-8309Oct 29, 2024
Langchain AI
Langchain
risk 0.00cvss —epss 0.02
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in…
CVE-2024-49381Oct 25, 2024
Plentico
Plenti
risk 0.00cvss —epss 0.00
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2…
CVE-2024-49380Oct 25, 2024
Plentico
Plenti
risk 0.00cvss —epss 0.71
Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version…
CVE-2024-48927Oct 22, 2024
Umbraco
Umbraco CMS
risk 0.00cvss —epss 0.02
Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There is a potential risk of code execution for Backoffice users when they…
CVE-2024-46983Sep 19, 2024
Softstack
Sofa Hessian
risk 0.00cvss —epss 0.00
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the…
CVE-2024-46986Sep 18, 2024
Owen2345
Camaleon CMS
risk 0.00cvss —epss 0.92
Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon…
CVE-2024-45612Sep 17, 2024
Contao
Contao CMS
risk 0.00cvss —epss 0.01
Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable…
CVE-2024-8862Sep 14, 2024
H2oai
H2o 3
risk 0.00cvss —epss 0.02
A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization.…
CVE-2024-45595Sep 10, 2024
Man Group
Dtale
risk 0.00cvss —epss 0.02
D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default.
CVE-2024-45302Aug 29, 2024
Sharp
Restsharp
risk 0.00cvss —epss 0.00
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdateHeader` and `RestClient.AddDefaultHeader`. The way HTTP headers are added to a…
CVE-2024-26020Jul 22, 2024
Ankitects
Anki
risk 0.00cvss —epss 0.03
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability.
CVE-2024-41122Jul 19, 2024
Woodpecker Ci
Woodpecker
risk 0.00cvss —epss 0.00
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to…
CVE-2024-41121Jul 19, 2024
Woodpecker Ci
Woodpecker
risk 0.00cvss —epss 0.00
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to…