Vulnerabilities > Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-23 | CVE-2020-5217 | Injection vulnerability in Twitter Secure Headers In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. | 5.8 |
| 2020-01-23 | CVE-2020-5216 | Injection vulnerability in Twitter Secure Headers In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. | 5.8 |
| 2020-01-15 | CVE-2019-16468 | Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. | 7.5 |
| 2020-01-15 | CVE-2012-0070 | Injection vulnerability in Spamdyke spamdyke prior to 4.2.1: STARTTLS reveals plaintext | 7.5 |
| 2020-01-14 | CVE-2014-7844 | Injection vulnerability in multiple products BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. | 7.8 |
| 2020-01-10 | CVE-2013-7380 | Injection vulnerability in EP Imageconvert Project EP Imageconvert 0.0.1/0.0.2 The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability | 9.8 |
| 2020-01-09 | CVE-2012-2931 | Injection vulnerability in Tinywebgallery PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file. | 7.2 |
| 2020-01-08 | CVE-2014-5287 | Injection vulnerability in Kemptechnologies Loadmaster A Bash script injection vulnerability exists in Kemp Load Master 7.1-16 and earlier due to a failure to sanitize input in the Web User Interface (WUI). | 8.8 |
| 2019-12-31 | CVE-2013-7070 | Injection vulnerability in Fibranet Monitorix The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI. | 9.8 |
| 2019-12-30 | CVE-2019-17558 | Injection vulnerability in multiple products Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. | 7.5 |