Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-707

CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707

CVE-2022-4251 LOW

Movie Ticket Booking System - Cross-Site Scripting in editBooking.php

CVE-2022-4250 LOW

Movie Ticket Booking System - Cross-Site Scripting via booking.php id Parameter

CVE-2022-4249 LOW

Movie Ticket Booking System - Cross-Site Scripting via ORDER_ID Parameter

CVE-2022-4248 MEDIUM

Movie Ticket Booking System - SQL Injection via editBooking.php id Parameter

CVE-2022-4247 MEDIUM

Movie Ticket Booking System - SQL Injection via booking.php id Parameter

CVE-2022-4234 LOW

Canteen Management System - Cross-Site Scripting in youthappam/brand.php via brand_name Argument

CVE-2022-4233 LOW

SourceCodester Event Registration System 1.0 - Cross-Site Scripting via First Name/Last Name Argument

CVE-2022-4222 MEDIUM

Canteen Management System - SQL Injection via ajax_invoice.php POST Request Handler

CVE-2022-4091 LOW

SourceCodester Canteen Management System - XSS

CVE-2022-4089 MEDIUM

rickxy Stock Management System - XSS

CVE-2022-4088 HIGH

rickxy Stock Management System - SQL Injection

CVE-2022-4064 LOW

dalli < 3.2.3 - Injection via Meta Protocol Handler cas/ttl Argument

CVE-2022-4053 LOW

Student Attendance Management System - XSS

CVE-2022-4052 MEDIUM

Student Attendance Management System - SQL Injection

CVE-2022-4051 MEDIUM

Hostel Searching Project - SQL Injection

CVE-2022-4015 MEDIUM

Sports Club Management System 119 - SQL Injection

CVE-2022-4012 MEDIUM

Hospital Management Center - SQL Injection

CVE-2022-4011 MEDIUM

Simple History Plugin - Info Disclosure

CVE-2022-3998 MEDIUM

scm - SQL Injection via id Parameter in uredi_korisnika.php

CVE-2022-3997 MEDIUM

MonikaBrzica scm - SQL Injection via email/lozinka/ime/id Parameters

CVE-2022-3992 LOW

Sanitization Management System - Cross-Site Scripting in Banner Image Handler

CVE-2022-3988 LOW

frappe < 14.14.3 - Cross-Site Scripting via Navbar Search Parameter

CVE-2022-3975 LOW

NukeViet CMS < 4.5 - Cross-Site Scripting in Data URL Handler

CVE-2022-3973 HIGH

hms-php - SQL Injection via Data Pump Metadata uname/pass Parameters

CVE-2022-3972 HIGH

HMS-PHP - SQL Injection via admin/adminlogin.php uname/pass Parameters

Previous Page 6 of 11 Next

Details

Vulnerabilities 251

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy