Vulnerabilities (CVE)

Filtered by CWE-116
Total 243 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0210 1 Buffercode 1 Random Banner 2024-11-21 3.5 LOW 4.8 MEDIUM
The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the ~/include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled.
CVE-2022-0124 1 Gitlab 1 Gitlab 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Gitlab's Slack integration is incorrectly validating user input and allows to craft malicious URLs that are sent to slack.
CVE-2021-4068 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-4041 1 Redhat 1 Ansible Runner 2024-11-21 N/A 7.8 HIGH
A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansible_runner.interface.run_command, can lead to parameters getting executed as host's shell command. A developer could unintentionally write code that gets executed in the host rather than the virtual environment.
CVE-2021-45848 2 Fedoraproject, Nicotine-plus 2 Fedora, Nicotine\+ 2024-11-21 5.0 MEDIUM 7.5 HIGH
Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character.
CVE-2021-45226 1 Coins-global 1 Coins Construction Cloud 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in COINS Construction Cloud 11.12. Due to improper validation of user-controlled HTTP headers, attackers can cause it to send password-reset e-mails pointing to arbitrary websites.
CVE-2021-44042 1 Uipath 1 Assistant 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application.
CVE-2021-43410 1 Apache 1 Airavata Django Portal 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master branch before commit 3c5d8c7 [1] of airavata-django-portal [1] https://github.com/apache/airavata-django-portal/commit/3c5d8c72bfc3eb0af8693a655a5d60f9273f8170
CVE-2021-43106 1 Compassplus 2 Tranzware Online, Tranzware Online Financial Institution Maintenance Interface 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. This is due to that the server implicitly trusts the Host header, and fails to validate or escape it properly. An attacker can use this input to redirect target users to a malicious domain/web page. This would result in expanding the potential to further attacks and malicious actions.
CVE-2021-42250 1 Apache 1 Superset 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.
CVE-2021-42010 1 Apache 1 Heron 2024-11-21 N/A 9.8 CRITICAL
Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.
CVE-2021-41232 1 Thunderdome 1 Planning Poker 2024-11-21 7.5 HIGH 8.1 HIGH
Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in version 1.16.3. If users are unable to update they should disable the LDAP feature if in use.
CVE-2021-41191 1 Redon 1 Roblox Purchasing Hub 2024-11-21 5.0 MEDIUM 7.5 HIGH
Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add `@require_apikey` in `BOT/lib/cogs/website.py` under the route for `/v1/products`.
CVE-2021-40694 1 Moodle 1 Moodle 2024-11-21 N/A 4.9 MEDIUM
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.
CVE-2021-40007 1 Huawei 2 Ecns280 Td, Ecns280 Td Firmware 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.
CVE-2021-39367 1 Canon 1 Oce Print Exec Workgroup 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection.
CVE-2021-39027 1 Ibm 1 Guardium Data Encryption 2024-11-21 4.0 MEDIUM 5.0 MEDIUM
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865.
CVE-2021-38997 1 Ibm 1 Api Connect 2024-11-21 N/A 5.4 MEDIUM
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213212.
CVE-2021-38751 1 Exponentcms 1 Exponentcms 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM.
CVE-2021-38182 1 Kyma-project 1 Kyma 2024-11-21 6.5 MEDIUM 8.8 HIGH
Due to insufficient input validation of Kyma, authenticated users can pass a Header of their choice and escalate privileges which can completely compromise the cluster.