Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-707

CWE-707

Improper Neutralization

The product does not ensure or incorrectly ensures that structured messages or data are well-formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

251 vulnerabilities with CWE-707

CVE-2022-3503 LOW

SourceCodester Purchase Order Management System 1.0 - XSS

CVE-2022-3502 LOW

Human Resource Management System 1.0 - XSS

CVE-2022-3497 LOW

SourceCodester Human Resource Management System 1.0 - Cross-Site Scripting via Master List Parameters

CVE-2022-3495 HIGH

Simple Online Public Access Catalog 1.0 - SQL Injection via Admin Login Username/Password

CVE-2022-3493 LOW

SourceCodester Human Resource Management System 1.0 - Cross-Site Scripting via Employee Name Fields

CVE-2022-3492 MEDIUM

SourceCodester Human Resource Management System 1.0 - OS Command Injection via Profile Photo Handler

CVE-2022-3473 MEDIUM

SourceCodester Human Resource Management System - SQL Injection via getstatecity.php ci Parameter

CVE-2022-3472 MEDIUM

SourceCodester Human Resource Management System - SQL Injection via cityedit Parameter

CVE-2022-3471 MEDIUM

SourceCodester Human Resource Management System - SQL Injection via searccity Parameter

CVE-2022-3470 MEDIUM

SourceCodester Human Resource Management System - SQL Injection via getstatecity.php sc Parameter

CVE-2022-3467 MEDIUM

Jiusi OA - SQL Injection via inforid Parameter

CVE-2022-3464 MEDIUM

puppyCMS < 5.1 - Cross-Site Scripting via site_name Argument in /admin/settings.php

CVE-2022-3453 LOW

Book Store Management System 1.0 - Cross-Site Scripting via buyer_name Parameter

CVE-2022-3452 LOW

Book Store Management System 1.0 - Cross-Site Scripting via Category Name Parameter

CVE-2022-3442 LOW

Crealogix EBICS 7.0 - Cross-Site Scripting in /ebics-server/ebics.aspx

CVE-2022-3434 LOW

Web-Based Student Clearance System - Cross-Site Scripting in Admin Add Student Function

CVE-2022-3414 MEDIUM

Web-Based Student Clearance System - SQL Injection via Admin Login POST Parameter

CVE-2022-3333 LOW

Zephyr Project Manager <3.2.4 - XSS

CVE-2022-3332 MEDIUM

SourceCodester Food Ordering Management System - SQL Injection

CVE-2022-23004 MEDIUM

Western Digital Sweet B - Denial of Service via P-256 Curve Point Multiplication

CVE-2021-4274 LOW

bird-lg - Cross-Site Scripting via request_args in layout.html

CVE-2021-4273 MEDIUM

studygolang - Cross-Site Scripting via Search Function q Parameter

CVE-2021-4272 LOW

studygolang - Cross-Site Scripting via contentHtml Argument in topics.js

CVE-2021-4271 LOW

w2wiki - Cross-Site Scripting in Markdown Handler toHTML Function

CVE-2021-4270 LOW

Imprint CMS < 2021-04-09 - Cross-Site Scripting in SearchForm Function

Previous Page 9 of 11 Next

Details

Vulnerabilities 251

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy