
CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')) — Vulnerability Class 372

372 vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-61773 | pyLoad CNL and captcha handlers allow code Injection via unsanitized parameters — pyload | 8.1 | High | 2025-10-09 |
| CVE-2025-11445 | Kilo Code Prompt ClineProvider.ts ClineProvider injection — Kilo Code | 6.3 | Medium | 2025-10-08 |
| CVE-2025-7350 | Rockwell Automation Stratix® IOS Cross-Site Request Forgery to Code Execution Vulnerability — Stratix IOS | 9.8 (AI) | Critical (AI) | 2025-09-09 |
| CVE-2025-6785 | Tesla Model 3 Physical CAN Bus Injection — Model 3 | 6.1 (AI) | Medium (AI) | 2025-09-04 |
| CVE-2025-9797 | mrvautin expressCart Edit Product edit injection — expressCart | 2.4 | Low | 2025-09-01 |
| CVE-2025-20265 | Cisco Secure Firewall Management Center Software Radius Remote Code Execution Vulnerability — Cisco Firepower Management Center | 10.0 | Critical | 2025-08-14 |
| CVE-2025-20337 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 10.0 | Critical | 2025-07-16 |
| CVE-2025-20284 | Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 6.5 | Medium | 2025-07-16 |
| CVE-2025-20283 | Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 6.5 | Medium | 2025-07-16 |
| CVE-2025-40710 | Host Header Injection (HHI) in the Hotspot Shield VPN client — Hotspot Shield VPN client | 7.2 (AI) | High (AI) | 2025-06-30 |
| CVE-2025-53097 | Roo Code extension vulnerable to Potential Information Leakage via JSON Schema — Roo-Code | 5.9 | Medium | 2025-06-27 |
| CVE-2025-20281 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 10.0 | Critical | 2025-06-25 |
| CVE-2025-47867 | Trend Micro Apex Central security vulnerability — Trend Micro Apex Central | 7.5 | High | 2025-06-17 |
| CVE-2025-32711 | M365 Copilot Information Disclosure Vulnerability — Microsoft 365 Copilot | 9.3 | Critical | 2025-06-11 |
| CVE-2025-20256 | Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability — Cisco Secure Network Analytics | 6.5 | Medium | 2025-05-21 |
| CVE-2025-48056 | Hubble CLI vulnerable to character injection — hubble | 5.3 | Medium | 2025-05-20 |
| CVE-2025-47948 | Cocotais Bot has builtin .echo command injection — cocotais-bot | 7.2 | High | 2025-05-17 |
| CVE-2025-32390 | EspoCRM vulnerable to HTML Injection into phishing, which may lead to account takeover — espocrm | 4.6 (AI) | Medium (AI) | 2025-05-12 |
| CVE-2025-20216 | Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability — Cisco Catalyst SD-WAN Manager | 4.7 | Medium | 2025-05-07 |
| CVE-2025-46814 | FastAPI Guard Remote Header Injection via X-Forwarded-For Manipulation — fastapi-guard | 3.4 | Low | 2025-05-06 |
| CVE-2025-3805 | sarrionandia tournatrack Jinja2 Template check_id.py injection — tournatrack | 5.3 | Medium | 2025-04-19 |
| CVE-2025-3804 | thautwarm vscode-diana Jinja2 Template Gen.py injection — vscode-diana | 5.3 | Medium | 2025-04-19 |
| CVE-2025-3026 | Improper Neutralization of Special Elements vulnerability in EJBCA — EJBCA | 6.1 | - | 2025-03-31 |
| CVE-2025-29993 | Alfasado PowerCMS injection vulnerability — PowerCMS 6.x series | 7.4 (AI) | High (AI) | 2025-03-27 |
| CVE-2025-27787 | Applio allows a DoS in restart.py — Applio | 7.5 | - | 2025-03-19 |
| CVE-2025-27107 | Integrated Scripting vulnerable to arbitrary code execution via Java reflection — IntegratedScripting | 9.8 | - | 2025-03-13 |
| CVE-2025-27794 | Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite — framework | 6.8 | Medium | 2025-03-12 |
| CVE-2025-1691 | MongoDB Shell may be susceptible to Control Character Injection via autocomplete — mongosh | 7.6 | High | 2025-02-27 |
| CVE-2025-1611 | ShopXO Template ThemeAdminService.php injection — ShopXO | 4.7 | Medium | 2025-02-24 |
| CVE-2022-31631 | PDO::quote() may return unquoted string — PHP | 9.1 | Critical | 2025-02-12 |

Vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')) represent 372 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.