Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-707

CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707

CVE-2022-4416 MEDIUM

mxsdoc - SQL Injection via searchWord/reposId Parameter in getReposAllUsers Function

CVE-2022-4403 MEDIUM

Canteen Management System - SQL Injection via customer_id Parameter in ajax_represent.php

CVE-2022-4401 LOW

pallidlight online-course-selection-system - Cross-Site Scripting

CVE-2022-4400 LOW

FS-Blog - Cross-Site Scripting in Title Handler

CVE-2022-4399 MEDIUM

TicklishHoneyBee nodau - SQL Injection

CVE-2022-4396 LOW

pyrdfa3 < 3.6.2 - Cross-Site Scripting in _get_option Function

CVE-2022-4377 LOW

S-CMS 5.0 Build 20220328 - Cross-Site Scripting via Contact Information Page

CVE-2022-4375 MEDIUM

Mingsoft MCMS <5.2.9 - SQL Injection

CVE-2022-4354 MEDIUM

pb-cms 2.0 - Cross-Site Scripting in Message Board Comment Handler

CVE-2022-4353 LOW

pb-cms 2.0 - Cross-Site Scripting in IpUtil.getIpAddr

CVE-2022-4350 LOW

Mingsoft MCMS 5.2.8 - Cross-Site Scripting via search.do content_title Parameter

CVE-2022-4348 LOW

RuoYi-Cloud - Cross-Site Scripting in JSON Handler

CVE-2022-4347 LOW

beetl-bbs - Cross-Site Scripting via User Argument in WebUtils.java

CVE-2022-4341 LOW

coder-chain_gdut - Cross-Site Scripting in /back/index.php/user/User

CVE-2022-4322 MEDIUM

maku-boot 1.3.0-2.2.0 - SQL Injection in Scheduled Task Handler

CVE-2022-4300 MEDIUM

FastCMS - Remote Code Execution via Template Handler

CVE-2022-4282 MEDIUM

SpringBootCMS - Remote Code Execution via Template Injection

CVE-2022-4279 LOW

SourceCodester Human Resource Management System 1.0 - Cross-Site Scripting via Employee View Search Parameter

CVE-2022-4278 MEDIUM

SourceCodester Human Resource Management System 1.0 - SQL Injection via empid Parameter

CVE-2022-4277 MEDIUM

Shaoxing Background Management System - SQL Injection via /Default/Bd id Parameter

CVE-2022-4275 MEDIUM

House Rental System - SQL Injection via search-property.php POST Request Handler

CVE-2022-4274 MEDIUM

House Rental System - SQL Injection via property_id Parameter in view-property.php

CVE-2022-4257 MEDIUM

C-DATA Web Management System - Argument Injection

CVE-2022-4253 LOW

Canteen Management System - Cross-Site Scripting via customer.php builtin_echo Function

CVE-2022-4252 LOW

Canteen Management System - Cross-Site Scripting in categories.php builtin_echo Function

Previous Page 5 of 11 Next

Details

Vulnerabilities 251

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy