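CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')) — Vulnerability Class 373

373 vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')). AI Chinese analysis included.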

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-29027 | Parse Server crash and RCE via invalid Cloud Function or Cloud Job name — parse-server | 9.1 | Critical | 2024-03-19 |
| CVE-2024-23333 | LAM vulnerable to Authenticated Remote Code Execution — lam | 7.9 | High | 2024-03-18 |
| CVE-2024-2445 | Reflected XSS in Mattermost Jira plugin — Mattermost | 6.1 | Medium | 2024-03-15 |
| CVE-2024-28181 | Arbitrary method invocation turbo_boost-commands — turbo_boost-commands | 8.1 | High | 2024-03-14 |
| CVE-2024-28114 | Remote Code Execution using Server Side Template Injection in Peering Manager — peering-manager | 8.1 | High | 2024-03-12 |
| CVE-2024-21900 | QTS, QuTS hero, QuTScloud — QTS | 4.3 | Medium | 2024-03-08 |
| CVE-2024-21838 | Gallagher Command Centre security vulnerability — Command Centre Server | 6.8 | Medium | 2024-03-05 |
| CVE-2024-2064 | rahman SelectCours Template CacheController.java getCacheNames injection — SelectCours | 4.3 | Medium | 2024-03-01 |
| CVE-2024-1619 | Kaspersky Security security vulnerability — Kaspersky Security for Linux Mail Server 8 | 6.1 | Medium | 2024-02-29 |
| CVE-2024-21742 | Apache James Mime4J: Mime4J DOM header injection — Apache James Mime4J | 5.3 | - | 2024-02-27 |
| CVE-2023-51388 | HertzBeat AviatorScript Inject RCE — hertzbeat | 9.8 | Critical | 2024-02-22 |
| CVE-2023-51653 | Hertzbeat JMX JNDI RCE — hertzbeat | 9.8 | Critical | 2024-02-22 |
| CVE-2024-23830 | MantisBT Host Header Injection vulnerability — mantisbt | 8.3 | High | 2024-02-20 |
| CVE-2024-1128 | Tutor LMS <= 2.6.0 - Authenticated(Student+) HTML Injection via Q&A — Tutor LMS – eLearning and online course solution | 5.4 | Medium | 2024-02-20 |
| CVE-2024-25625 | Pimcore Host Header Injection in user invitation link — admin-ui-classic-bundle | 8.1 | High | 2024-02-19 |
| CVE-2024-22319 | IBM Operational Decision Manager JDNI injection — Operational Decision Manager | 8.1 | High | 2024-02-02 |
| CVE-2024-23828 | Nginx-UI authenticated RCE through injecting into the application config via CRLF — nginx-ui | 8.8 | High | 2024-01-29 |
| CVE-2024-23648 | Pimcore Admin Classic Bundle host header injection in the password reset — admin-ui-classic-bundle | 8.8 | High | 2024-01-24 |
| CVE-2023-42135 | PAX Technology A920 security vulnerability — A920 Pro | 6.8 | Medium | 2024-01-15 |
| CVE-2023-4818 | PAX Technology A920 injection vulnerability — A920 | 4.6 | - | 2024-01-15 |
| CVE-2024-21645 | pyLoad Log Injection — pyload | 5.3 | Medium | 2024-01-08 |
| CVE-2023-6004 | Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname — Red Hat Enterprise Linux 8 | 4.8 | Medium | 2024-01-03 |
| CVE-2024-21623 | Arbitrary Expression Injection in github workflow leads to Command execution & leaking secrets — otclient | 9.8 | Critical | 2024-01-02 |
| CVE-2023-7114 | Mattermost security vulnerability — Mattermost | 7.1 | High | 2023-12-29 |
| CVE-2023-7039 | Byzoro S210 importexport.php injection — S210 | 6.3 | Medium | 2023-12-21 |
| CVE-2023-46726 | GLPI Remote code execution from LDAP server configuration form on PHP 7.4 — glpi | 7.2 | High | 2023-12-13 |
| CVE-2023-6458 | Client side path traversal due to lack of route parameters validation — Mattermost | 7.1 | High | 2023-12-06 |
| CVE-2023-35075 | HTML injection via channel autocomplete — Mattermost | 3.1 | Low | 2023-11-27 |
| CVE-2023-6164 | MainWP Dashboard <= 4.5.1.2 - Authenticated(Administrator+) CSS Injection — MainWP Dashboard: Self-hosted WordPress Management for Agencies | 2.2 | Low | 2023-11-22 |
| CVE-2023-44373 | Siemens multiple products security vulnerability — RUGGEDCOM RM1224 LTE(4G) EU | 9.1 | Critical | 2023-11-14 |

373 CVEs are classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.