Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-12-12 | CVE-2024-12484 | Injection vulnerability in Codezips Technical Discussion Forum 1.0 A vulnerability classified as critical was found in Codezips Technical Discussion Forum 1.0. | 9.8 |
2024-12-12 | CVE-2024-12485 | Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0 A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0. | 8.8 |
2024-12-12 | CVE-2024-12486 | Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0 A vulnerability, which was classified as critical, was found in code-projects Online Class and Exam Scheduling System 1.0. | 8.8 |
2024-12-12 | CVE-2024-12487 | Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0 A vulnerability has been found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical. | 8.8 |
2024-12-12 | CVE-2024-12489 | Injection vulnerability in Fabian Online Class and Exam Scheduling System 1.0 A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. | 8.8 |
2024-11-24 | CVE-2024-11234 | Injection vulnerability in PHP In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. | 7.2 |
2024-11-10 | CVE-2024-11058 | Injection vulnerability in Surajkumarvishwakarma Real Estate Management System A vulnerability was found in CodeAstro Real Estate Management System up to 1.0. | 7.2 |
2024-10-29 | CVE-2024-7472 | Injection vulnerability in Lunary 1.2.26 lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). | 6.5 |
2024-10-29 | CVE-2024-8309 | Injection vulnerability in Langchain 0.2.5 A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. | 9.8 |
2024-09-19 | CVE-2024-25673 | Injection vulnerability in Couchbase Server Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. | 6.1 |