Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-10 | CVE-2017-18604 | Injection vulnerability in Sitebuilder Dynamic Components Project Sitebuilder Dynamic Components 1.0 The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via an AJAX request. | 5.0 |
2019-09-09 | CVE-2019-12463 | Injection vulnerability in Librenms 1.50.1/1.51/1.52 An issue was discovered in LibreNMS 1.50.1. | 6.5 |
2019-09-09 | CVE-2019-10665 | Injection vulnerability in Librenms An issue was discovered in LibreNMS through 1.47. | 7.5 |
2019-08-22 | CVE-2014-10386 | Injection vulnerability in 3CX Live Chat The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections. | 6.1 |
2019-08-22 | CVE-2014-10394 | Injection vulnerability in Saschart Rich Counter 1.0.5/1.1.0/1.1.5 The rich-counter plugin before 1.2.0 for WordPress has JavaScript injection via a User-Agent header. | 4.3 |
2019-08-22 | CVE-2014-10391 | Injection vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection. | 4.3 |
2019-08-22 | CVE-2017-18583 | Injection vulnerability in Post PAY Counter Project Post PAY Counter The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection. | 7.5 |
2019-08-09 | CVE-2019-11581 | Injection vulnerability in Atlassian Jira and Jira Server There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. | 9.3 |
2019-08-09 | CVE-2019-5404 | Injection vulnerability in HP 3Par Storeserv Management Console 3.3.1/3.5 A remote script injection vulnerability was discovered in HPE 3PAR StoreServ Management and Core Software Media version(s): prior to 3.5.0.1. | 8.7 |
2019-08-07 | CVE-2016-10801 | Injection vulnerability in Cpanel cPanel before 58.0.4 has improper session handling for shared users (SEC-139). | 6.5 |