CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

240 vulnerabilities with CWE-707
CVE-2021-4252 LOW
WP-Ban - XSS
CVSS 3.5
CVE-2021-4251 LOW
as - XSS
CVSS 3.5
CVE-2021-4246 MEDIUM
roxlukas LMeve - SQL Injection
CVSS 6.3
CVE-2021-4244 LOW
yikes-inc-easy-mailchimp-extender <6.8.5 - XSS
CVSS 2.6
CVE-2021-4242 MEDIUM
Sapido - Os Command Injection
CVSS 6.3
CVE-2021-27493 MEDIUM
Philips Vue PACS <12.2.x.x - Info Disclosure
CVSS 6.1
CVE-2020-36626 MEDIUM
Modern Tribe Panel Builder Plugin - SQL Injection
CVSS 5.5
CVE-2020-36621 LOW
chedabob whatismyudid - XSS
CVSS 3.5
CVE-2020-36609 LOW
DuxCMS 2.1 - XSS
CVSS 2.4
CVE-2020-36608 LOW
Tribal Systems Zenario CMS - XSS
CVSS 3.5
CVE-2020-11080 LOW
nghttp2 <1.41.0 - DoS
CVSS 3.7
CVE-2020-11030 MEDIUM
WordPress <5.4.1 - Authenticated RCE
CVSS 6.4
CVE-2020-11026 HIGH
WordPress <5.4.1 - Authenticated RCE
CVSS 8.7
CVE-2019-10052 HIGH
Suricata 4.1.3 - Use After Free
CVSS 7.5
CVE-2018-3918 HIGH
Samsung SmartThings Hub STH-ETH-250 - Firmware 0.20.17 - RCE
CVSS 7.5
Details
Vulnerabilities 240
Links
MITRE CWE Entry Search this CWE With Exploits