Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-99 (对资源描述符的控制不恰当(资源注入)) — Vulnerability Class 46

46 vulnerabilities classified as CWE-99 (对资源描述符的控制不恰当(资源注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-0231 Improper Control of Resource Identifiers ('Resource Injection') in GitLab — GitLab 2.7 Low2024-07-24
CVE-2024-4817 Campcodes Online Laundry Management System HTTP Request Parameter manage_user.php resource injection — Online Laundry Management System 6.3 Medium2024-05-13
CVE-2024-4294 PHPGurukul Doctor Appointment Management System view-appointment-detail.php resource injection — Doctor Appointment Management System 6.3 Medium2024-04-27
CVE-2023-3517 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') — Pentaho Data Integration & Analytics 8.5 High2023-12-12
CVE-2023-2980 Abstrium Pydio Cells User Creation resource injection — Pydio Cells 6.3 Medium2023-05-30
CVE-2022-39369 Service Hostname Discovery Exploitation in phpCAS — phpCAS 8.0 High2022-11-01
CVE-2022-3774 SourceCodester Train Scheduler App resource injection — Train Scheduler App 5.4 Medium2022-10-31
CVE-2022-27670 SAP SQL Anywhere 安全漏洞 — SAP SQL Anywhere Server 6.5 -2022-04-12
CVE-2022-1287 School Club Application System resource injection — School Club Application System 6.5 Medium2022-04-09
CVE-2021-22879 Nextcloud 注入漏洞 — Nextcloud Desktop Client 8.8 -2021-04-14
CVE-2020-8177 Haxx curl 注入漏洞 — https://github.com/curl/curl 7.3 -2020-12-14
CVE-2020-6245 SAP Business Objects Business Intelligence Platform 注入漏洞 — SAP Business Objects Business Intelligence Platform 7.8 -2020-05-12
CVE-2020-5230 Opencast uses unsafe identifiers — opencast 7.7 High2020-01-30
CVE-2019-1860 Cisco Unified Intelligence Center Remote File Injection Vulnerability — Cisco Unified Intelligence Center 5.9 -2019-05-16
CVE-2019-6545 AVEVA InTouch Edge HMI 安全漏洞 — AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update 9.1 -2019-02-13
CVE-2016-8615 Haxx curl 安全漏洞 — curl 5.3 -2018-08-01

Vulnerabilities classified as CWE-99 (对资源描述符的控制不恰当(资源注入)) represent 46 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.