Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-09 | CVE-2019-11581 | Injection vulnerability in Atlassian Jira Server There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. | 9.8 |
2019-08-09 | CVE-2019-5404 | Injection vulnerability in HP 3Par Storeserv Management Console 3.3.1/3.5 A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 8.8 |
2019-08-07 | CVE-2016-10801 | Injection vulnerability in Cpanel cPanel before 58.0.4 has improper session handling for shared users (SEC-139). | 8.8 |
2019-08-02 | CVE-2019-7889 | Injection vulnerability in Magento An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 6.5 |
2019-08-02 | CVE-2017-18437 | Injection vulnerability in Cpanel cPanel before 64.0.21 allows a Webmail account to execute code via forwarders (SEC-240). | 4.4 |
2019-08-02 | CVE-2017-18389 | Injection vulnerability in Cpanel cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318). | 6.3 |
2019-08-02 | CVE-2017-18387 | Injection vulnerability in Cpanel cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in a Reseller style upload (SEC-314). | 7.2 |
2019-08-02 | CVE-2017-18386 | Injection vulnerability in Cpanel cPanel before 68.0.15 allows arbitrary code execution via Maketext injection in PostgresAdmin (SEC-313). | 7.2 |
2019-08-01 | CVE-2016-10847 | Injection vulnerability in Cpanel cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath (SEC-80). | 8.1 |
2019-08-01 | CVE-2016-10845 | Injection vulnerability in Cpanel cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable (SEC-78). | 8.1 |