CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707
CVE-2024-10700 MEDIUM
University Event Management System 1.0 - SQL Injection via submit.php Parameters
CVSS 6.3
CVE-2024-43572 HIGH KEV
Microsoft Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Remote Code Execution in Management Console
CVSS 7.8
CVE-2024-9324 MEDIUM
Intelbras InControl <2.21.57 - Code Injection
CVSS 6.3
CVE-2024-21864 HIGH
Intel(R) Arc(TM)&Iris(R) Xe Graphics <31.0.101.5081 - Privilege Esc...
CVSS 7.8
CVE-2023-46689 HIGH
Intel(R) Power Gadget - Privilege Escalation
CVSS 8.8
CVE-2023-45315 MEDIUM
Intel Power Gadget < 3.6.0 - Authenticated Denial of Service via Improper Initialization
CVSS 5.5
CVE-2023-42773 HIGH
Intel(R) Power Gadget - Privilege Escalation
CVSS 8.8
CVE-2023-6123 HIGH
OpenText ALM Octane >=16.2.100 - RCE
CVSS 7.5
CVE-2022-4730 LOW
Graphite Web - Cross-Site Scripting in Absolute Time Range Handler
CVSS 3.5
CVE-2022-4729 LOW
Graphite Web - Cross-Site Scripting in Template Name Handler
CVSS 3.5
CVE-2022-4728 LOW
Graphite Web - Cross-Site Scripting in Cookie Handler
CVSS 3.5
CVE-2022-4727 LOW
OpenMRS Appointment Scheduling Module < 1.17.0 - Cross-Site Scripting in Notes Handler
CVSS 3.5
CVE-2022-4726 MEDIUM
Sanitization Management System 1.0 - SQL Injection via Admin Login Username/Password
CVSS 6.3
CVE-2022-4642 LOW
tatoeba2 < 2022-10-30 - Cross-Site Scripting in Profile Name Handler
CVSS 3.5
CVE-2022-4640 LOW
Mingsoft MCMS 5.2.9 - Cross-Site Scripting in Article Handler Save Function
CVSS 3.5
CVE-2022-4638 LOW
collective.contact.widget <1.12 - XSS
CVSS 3.5
CVE-2022-4631 LOW
WP-Ban - Cross-Site Scripting in ban-options.php
CVSS 3.5
CVE-2022-3877 LOW
Click Studios Passwordstate - Cross-Site Scripting in URL Field Handler
CVSS 3.5
CVE-2022-4602 LOW
Shoplazza LifeStyle 1.1 - Cross-Site Scripting via Title Parameter in Review Flow Handler
CVSS 3.5
CVE-2022-4601 LOW
Shoplazza LifeStyle 1.1 - Cross-Site Scripting in Shipping/Member Discount/Icon Component
CVSS 3.5
CVE-2022-4600 LOW
Shoplazza LifeStyle 1.1 - Cross-Site Scripting via Product Carousel Handler
CVSS 3.5
CVE-2022-4599 LOW
Shoplazza LifeStyle 1.1 - Cross-Site Scripting via Theme Editor Subheading/Heading/Text/Button Text/Label
CVSS 3.5
CVE-2022-4598 LOW
Shoplazza LifeStyle 1.1 - Cross-Site Scripting via Announcement Handler Text/Mobile Text Parameter
CVSS 3.5
CVE-2022-4597 LOW
Shoplazza LifeStyle 1.1 - Cross-Site Scripting in Create Product Handler
CVSS 3.5
CVE-2022-4596 LOW
Shoplazza lifestyle 1.1 - Cross-Site Scripting via Add Blog Post Title Argument
CVSS 3.5
Details
Vulnerabilities 251
Links
MITRE CWE Entry Search this CWE With Exploits