Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-116

CWE-116

High likelihood

Improper Encoding or Escaping of Output

Parent: CWE-707 - Improper Neutralization

The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

446 vulnerabilities with CWE-116

CVE-2021-31806 MEDIUM

Squid < 4.15 and 5.x < 5.0.6 - Denial of Service via HTTP Range Request Processing

CVE-2021-28662 MEDIUM

Squid 4.0.1-4.14 and 5.0-5.0.5 - Denial of Service via HTTP Response Header

CVE-2021-28940 CRITICAL

MagpieRSS 0.72 - OS Command Injection via RSS URL Parameter

CVE-2021-20405 HIGH

IBM Security Verify Information Queue <1.0.8 - Info Disclosure

CVE-2020-36567 HIGH

gin-gonic/gin < 1.6.0 - Log Injection via Default Logger

CVE-2020-36599 CRITICAL

OmniAuth <1.9.2, <2.0 - Info Disclosure

CVE-2020-27958 MEDIUM

Ohio Supercomputer Center Open OnDemand <1.7.19, <1.8.18 - Command ...

CVE-2020-4850 HIGH

IBM Spectrum Scale <1.1.8.4 - Info Disclosure

CVE-2020-26283 MEDIUM

go-ipfs < 0.8.0 - Console Output Injection via Unescaped Control Characters

CVE-2020-29023 LOW

Secomea GateManager <9.3 - Code Injection

CVE-2020-36173 MEDIUM

Ninja Forms <3.4.28 - Info Disclosure

CVE-2020-13654 HIGH

XWiki Platform <12.8 - Info Disclosure

CVE-2020-28954 MEDIUM

BigBlueButton <2.2.29 - Info Disclosure

CVE-2020-26226 HIGH

semantic-release <17.2.3 - Info Disclosure

CVE-2020-25646 HIGH

Ansible Collection community.crypto - Info Disclosure

CVE-2020-27604 MEDIUM

BigBlueButton <2.3 - Info Disclosure

CVE-2020-9862 HIGH

iCloud < 7.20 - Command Injection via Web Inspector URL Copy

CVE-2020-24592 MEDIUM

Mitel MiCloud Management Portal <6.1 SP5 - Info Disclosure

CVE-2020-6313 MEDIUM

SAP NetWeaver Application Server JAVA/XML Forms <7.50 - XSS

CVE-2020-24972 HIGH

Kleopatra <3.1.12 - Code Execution via openpgp4fpr URL Handling

CVE-2020-16281 HIGH

RangeeOS 8.0.4 - Authenticated Arbitrary Code Execution via Kommbox Context Menu

CVE-2020-7694 LOW

uvicorn < 0.11.7 - ANSI Escape Sequence Injection via Request Logger

CVE-2020-6261 MEDIUM

SAP Solution Manager <7.20 - Info Disclosure

CVE-2020-5304 HIGH

WhiteSource AVM <20.4.1 - Log Injection

CVE-2020-13625 HIGH

PHPMailer < 6.1.6 - Improper Output Escaping in File Attachment Name

Previous Page 16 of 18 Next

Details

Vulnerabilities 446

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy