Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-12-12 CVE-2024-12484 Injection vulnerability in Codezips Technical Discussion Forum 1.0
A vulnerability classified as critical was found in Codezips Technical Discussion Forum 1.0.
network
low complexity
codezips CWE-74
critical
9.8
2024-12-12 CVE-2024-12485 Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0
A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0.
network
low complexity
fabian CWE-74
8.8
2024-12-12 CVE-2024-12486 Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0
A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0.
network
low complexity
fabian CWE-74
8.8
2024-12-12 CVE-2024-12487 Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0
A vulnerability has been found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical.
network
low complexity
fabian CWE-74
8.8
2024-12-12 CVE-2024-12489 Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0.
network
low complexity
fabian CWE-74
8.8
2024-11-24 CVE-2024-11234 Injection vulnerability in PHP
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user.
network
low complexity
php CWE-74
7.2
2024-11-10 CVE-2024-11058 Injection vulnerability in Surajkumarvishwakarma Real Estate Management System
A vulnerability was found in CodeAstro Real Estate Management System up to 1.0.
network
low complexity
surajkumarvishwakarma CWE-74
7.2
2024-10-29 CVE-2024-7472 Injection vulnerability in Lunary 1.2.26
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup).
network
low complexity
lunary CWE-74
6.5
2024-10-29 CVE-2024-8309 Injection vulnerability in Langchain 0.2.5
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection.
network
low complexity
langchain CWE-74
critical
9.8
2024-09-19 CVE-2024-25673 Injection vulnerability in Couchbase Server
Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection.
network
low complexity
couchbase CWE-74
6.1