Vulnerabilities > Improper Neutralization of Special Elements in Data Query Logic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2021-1481 | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface. | 4.3 |
| 2019-05-22 | CVE-2018-7829 | Improper Neutralization of Special Elements in Data Query Logic vulnerability in Schneider-Electric products An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. | 8.8 |
| 2017-08-23 | CVE-2017-12904 | Improper Neutralization of Special Elements in Data Query Logic vulnerability in multiple products Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL. | 8.8 |