Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-88

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Parent: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

359 vulnerabilities with CWE-88

CVE-2022-24376 HIGH

git-promise - Command Injection via Inappropriate Fix

CVE-2022-26532 HIGH

Zyxel USG/ZyWALL series <4.71 - Command Injection

CVE-2022-29215 HIGH

RegionProtect <1.1.0 - Code Injection

CVE-2022-29184 HIGH

GoCD < 22.1.0 - Authenticated Remote Code Execution via Mercurial Hook Branch Name Injection

CVE-2022-25865 HIGH

workspace-tools < 0.18.4 - Command Injection via Git Argument Injection

CVE-2022-30240 HIGH

Magnitude Simba Amazon Redshift JDBC Driver <1.2.55 - Command Injec...

CVE-2022-30239 HIGH

Magnitude Simba Amazon Athena JDBC Driver <2.0.29 - Command Injection

CVE-2022-29972 HIGH

Magnitude Simba Amazon Redshift ODBC Driver <1.4.52 - Command Injec...

CVE-2022-29971 HIGH

Magnitude Simba Amazon Athena ODBC Driver <1.1.17 - Command Injection

CVE-2022-30284 CRITICAL

python-libnmap < 0.7.2 - Remote Code Execution via NmapProcess Argument Injection

CVE-2022-24437 CRITICAL

git-pull-or-clone <2.0.2 - Command Injection

CVE-2022-25866 HIGH

czproject/git-php < 4.0.3 - Command Injection via git ls-remote Argument Injection

CVE-2022-25648 HIGH

git < 1.11.0 - Command Injection via fetch Remote Parameter

CVE-2022-24828 HIGH

Composer < 1.10.26 - Command Injection via VcsDriver getFileContent

CVE-2022-28391 HIGH

BusyBox < 1.35.0 - Remote Code Execution via netstat DNS PTR Record Handling

CVE-2022-24066 HIGH

simple-git <3.5.0 - Command Injection

CVE-2022-24440 HIGH

cocoapods-downloader <1.6.0, 1.6.2-1.6.3 - Command Injection

CVE-2022-21223 HIGH

cocoapods-downloader < 1.6.2 - Command Injection via hg Argument Injection

CVE-2022-21235 HIGH

vcs < 1.13.3 - Command Injection via hg Argument Injection

CVE-2022-25766 HIGH

ungit < 1.5.20 - Remote Code Execution via Git Fetch Argument Injection

CVE-2022-21187 HIGH

libvcs < 0.11.1 - OS Command Injection via hg clone URL Parameter

CVE-2022-24433 HIGH

simple-git <3.3.0 - Command Injection

CVE-2022-23915 HIGH

Weblate < 4.11.1 - Authenticated Remote Code Execution via Argument Injection

CVE-2022-24953 MEDIUM

Crypt_GPG < 1.6.7 - Argument Injection via GPG Command Options

CVE-2022-23221 CRITICAL

H2 Console <2.1.210 - RCE

Previous Page 9 of 15 Next

Details

Vulnerabilities 359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy