Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

DATE CVE VULNERABILITY TITLE RISK
2020-02-17 CVE-2014-7236 Injection vulnerability in Twiki
Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view/Main/WebHome.
network
low complexity
twiki CWE-74
critical
 9.1
9.1
2020-02-17 CVE-2013-7324 Injection vulnerability in Webkitgtk
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript.
network
low complexity
webkitgtk CWE-74
5.3
5.3
2020-02-13 CVE-2020-8800 Injection vulnerability in Salesagility Suitecrm
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.
network
low complexity
salesagility CWE-74
8.8
8.8
2020-02-12 CVE-2013-7381 Injection vulnerability in Libnotify Project Libnotify
libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify.
network
low complexity
libnotify-project CWE-74
critical
 9.8
9.8
2020-02-12 CVE-2013-2010 Injection vulnerability in multiple products
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability
network
low complexity
boldgrid automattic CWE-74
critical
 9.8
9.8
2020-02-12 CVE-2013-7378 Injection vulnerability in Hubot Scripts Project Hubot Scripts
scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands.
network
low complexity
hubot-scripts-project CWE-74
critical
 9.8
9.8
2020-02-10 CVE-2014-5086 Injection vulnerability in multiple products
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code.
network
low complexity
sphider sphider-plus sphiderpro CWE-74
8.8
8.8
2020-02-10 CVE-2014-5085 Injection vulnerability in Sphider-Plus 3.2
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code.
network
low complexity
sphider-plus CWE-74
8.8
8.8
2020-02-10 CVE-2014-5084 Injection vulnerability in Sphiderpro Sphider PRO 3.2
A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code.
network
low complexity
sphiderpro CWE-74
8.8
8.8
2020-02-10 CVE-2014-5083 Injection vulnerability in Sphider
A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code.
network
low complexity
sphider CWE-74
8.8
8.8