CWE-20

High likelihood

Improper Input Validation

Parent: CWE-707 - Improper Neutralization

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

12,643 vulnerabilities with CWE-20
CVE-2008-4342
BurnAware - Arbitrary File Write via NMSDVDX.DVDEngineX ActiveX Control
CVE-2008-4340
Google Chrome 0.2.149.29 and 0.2.149.30 - Denial of Service via Window Open Function
CVE-2008-4329
openengine < 2.0_beta4 - Remote File Inclusion via oe_classpath Parameter
CVE-2008-4318
Observer <= 0.3.2.1 - Remote Command Execution via Query Parameter
CVE-2008-4295
Microsoft Windows Mobile 6.0 - Denial of Service via Bluetooth Long Name Handling
CVE-2008-4200
Opera < 9.52 - URL Spoofing via News Feed Address Field
CVE-2008-3811
Cisco IOS 12.2-12.4 - Denial of Service via Segmented SCCP Messages
CVE-2008-3810
Cisco IOS 12.2 and 12.4 - Denial of Service via Segmented SCCP Messages
CVE-2008-4137
php_crawler - Remote File Inclusion via footer_file Parameter
CVE-2008-4136
Michael Roth Software Personal FTP Server 6.0f - Denial of Service via Multiple RETR Commands
CVE-2008-4163
ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, 9.5.0-P2-W1 - Denial of Service via UDP Client Handler
CVE-2008-4133
D-Link DIR-100 - Web Proxy Filter Bypass via Large URL
CVE-2008-4106
WordPress < 2.6.2 - Unauthenticated Password Reset via SQL Column Truncation
CVE-2008-4105
Joomla! 1.5 < 1.5.7 - Variable Injection via JRequest::setVar
CVE-2008-4103
Joomla! com_mailto - Unauthenticated Spam Transmission via URL Parameter
CVE-2008-4101
Vim < 7.2.010 - Arbitrary Command Execution via K Keystroke
CVE-2008-4096
phpMyAdmin < 2.11.9.1 - Authenticated Remote Code Execution via Sort Parameter
CVE-2008-4071
Adobe Acrobat 9 - Denial of Service via Invalid acroie:// URL
CVE-2008-3889
Postfix <2.4.9, 2.5 <2.5.5, 2.6 <2.6-20080902 - DoS
CVE-2008-4050
Friendly Technologies FriendlyPPPoE Client <3.0.0.57 - Code Injection
CVE-2008-4049
Friendly Technologies FriendlyPPPoE Client <3.0.0.57 - RCE
CVE-2008-4041
Softalk Mail Server 8.5.1.431 - DoS
CVE-2008-3584
NetBSD 3.0-4.0 - Denial of Service via PPPoE Packet Tag Length Check
CVE-2008-3960
IBM DB2 Universal Database < 8.2 - Denial of Service via Malicious JDBC Applet Server Packets
CVE-2008-3957
Microsoft Windows Image Acquisition Logger ActiveX - RCE
Details
Vulnerabilities 12,643
Exploit Likelihood High