Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-707

CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707

CVE-2025-27712 MEDIUM

Intel(R) Neural Compressor <v3.4 - Privilege Escalation

CVE-2025-11445 MEDIUM

Kilo Code < 4.86.0 - Remote Code Execution via Prompt Handler

CVE-2025-9797 LOW

mrvautin expressCart <b31302f4e99c3293bd742c6d076a721e168118b0 - Co...

CVE-2025-24921 MEDIUM

Intel(R) Tiber(TM) Edge Platform <24.11.1 - Info Disclosure

CVE-2025-3805 MEDIUM

sarrionandia tournatrack - Code Injection

CVE-2025-3804 MEDIUM

thautwarm vscode-diana 0.0.1 - Code Injection

CVE-2025-26633 HIGH KEV

Microsoft Management Console - Auth Bypass

CVE-2025-1611 MEDIUM

ShopXO < 6.4.0 - Remote Code Execution in Template Handler

CVE-2025-0697 MEDIUM

Telstra Smart Modem Gen 2 <20250115 - Code Injection

CVE-2024-10915 HIGH

D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L - OS Command Injection via group Parameter

CVE-2024-10914 HIGH

D-Link DNS-320, DNS-320LW, DNS-325, and DNS-340L - OS Command Injection via cgi_user_add name Parameter

CVE-2024-10845 HIGH

Bookstore Management System 1.0 - SQL Injection via book_detail.php id Parameter

CVE-2024-10844 HIGH

Bookstore Management System 1.0 - SQL Injection via search.php s Parameter

CVE-2024-10842 LOW

romadebrian WEB-Sekolah 1.0 - Cross-Site Scripting via Username_Baru/Password Parameter

CVE-2024-10841 MEDIUM

romadebrian WEB-Sekolah 1.0 - SQL Injection via Name Parameter in Mail Handler

CVE-2024-10840 LOW

romadebrian WEB-Sekolah 1.0 - Cross-Site Scripting via kode Parameter in Backend

CVE-2024-10810 MEDIUM

E-Health Care System 1.0 - SQL Injection via Doctor/app_request.php app_id Parameter

CVE-2024-10809 MEDIUM

E-Health Care System 1.0 - SQL Injection via Doctor Chat Name/Message Parameter

CVE-2024-10808 MEDIUM

E-Health Care System 1.0 - SQL Injection via Admin/req_detail.php id Parameter

CVE-2024-10807 LOW

Hospital Management System 4.0 - Cross-Site Scripting via searchdata Parameter

CVE-2024-10806 LOW

Hospital Management System 4.0 - Cross-Site Scripting via betweendates-detailsreports.php fromdate/todate Parameters

CVE-2024-10805 MEDIUM

University Event Management System 1.0 - SQL Injection via doedit.php id Parameter

CVE-2024-10791 HIGH

Codezips Hospital Appointment System 1.0 - SQL Injection via Name Parameter in doctorAction.php

CVE-2024-10768 LOW

PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in two_tables.php

CVE-2024-10752 HIGH

Codezips Pet Shop Management System 1.0 - SQL Injection via /productsadd.php id/name Parameter

Previous Page 2 of 11 Next

Details

Vulnerabilities 251

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy