Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-117

CWE-117

Medium likelihood

Improper Output Neutralization for Logs

Parent: CWE-116 - Improper Encoding or Escaping of Output

The product constructs a log message from external input, but it does not neutralize or incorrectly neutralizes special elements when the message is written to a log file.

98 vulnerabilities with CWE-117

CVE-2025-54656 MEDIUM

Apache Struts Extras <2 - Info Disclosure

CVE-2025-49846 MEDIUM

Wire iOS <3.124.1 - Info Disclosure

CVE-2025-48432 MEDIUM

Django <5.2.3-4.2.23 - Info Disclosure

CVE-2025-3942 MEDIUM

Tridium Niagara <4.14.2-4.15.1-4.10.11 - Input Data Manipulation

CVE-2025-41429 MEDIUM

a-blog cms 2.8.0-2.8.84 - Unauthenticated Session Hijacking via Log Injection

CVE-2025-36625 MEDIUM

Nessus < 10.8.4 - Unauthenticated Log Injection via HTTP Request Manipulation

CVE-2025-25294 MEDIUM

Envoy Gateway <1.2.7-1.3.1 - Log Injection

CVE-2025-27111 HIGH

Rack <2.2.12, <3.0.13, <3.1.11 - Log Injection

CVE-2025-23405 MEDIUM

Unauthenticated Log Effects - Info Disclosure

CVE-2025-25184 MEDIUM

Rack <2.2.11, 3.0.12, 3.1.10 - Info Disclosure

CVE-2025-0754 MEDIUM

OpenShift Service Mesh 2.6.3-2.5.6 - Log Injection

CVE-2024-13949 MEDIUM

ABB ASPECT-Enterprise NEXUS Series MATRIX Series <= 3.* - Disk Overutilization via Large Content Injection

CVE-2024-52962 MEDIUM

FortiAnalyzer <7.6.1 - Info Disclosure

CVE-2024-9606 HIGH

berriai/litellm <1.44.12 - Info Disclosure

CVE-2024-12580 MEDIUM

danny-avila/librechat <0.7.6 - Code Injection

CVE-2024-49355 MEDIUM

IBM OpenPages with Watson <9.0 - Info Disclosure

CVE-2024-56473 MEDIUM

IBM Aspera Shares 1.9.0-1.10.0 PL6 - IP Address Spoofing via Client-IP Header

CVE-2024-35150 MEDIUM

IBM Maximo Application Suite <9.1.0 - Info Disclosure

CVE-2024-52891 MEDIUM

IBM Concert Software <1.0.4 - Info Disclosure

CVE-2024-7696 MEDIUM

AXIS Camera Station Pro < 6.5.35848 - Authenticated Denial of Service via Audit Log Tampering

CVE-2024-9026 LOW

PHP <8.1.30, <8.2.24, <8.3.12 - Info Disclosure

CVE-2024-47083 HIGH

Power Platform Terraform Provider <3.0.0 - Info Disclosure

CVE-2024-45808 MEDIUM

Envoy <1.31.2-1.28.7 - Code Injection

CVE-2024-8334 MEDIUM

master-nan Sweet-CMS <5f441e022b8876f07cde709c77b5be6d2f262e3f - In...

CVE-2024-8297 MEDIUM

Kitsada8621 Digital Library Management System <1.0 - Info Disclosure

Previous Page 2 of 4 Next

Details

Vulnerabilities 98

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy