Vulnerabilities (CVE)

Filtered by CWE-116
Total 241 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-35153 1 Fusionpbx 1 Fusionpbx 2024-02-28 N/A 9.8 CRITICAL
FusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.
CVE-2022-41322 2 Fedoraproject, Kitty Project 2 Fedora, Kitty 2024-02-28 N/A 7.8 HIGH
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup.
CVE-2022-2619 2 Fedoraproject, Google 2 Fedora, Chrome 2024-02-28 N/A 4.3 MEDIUM
Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page.
CVE-2022-3941 1 Activity Log Project 1 Activity Log 2024-02-28 N/A 5.3 MEDIUM
A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213448.
CVE-2022-4011 1 Simple History Project 1 Simple History 2024-02-28 N/A 9.8 CRITICAL
A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213785 was assigned to this vulnerability.
CVE-2022-39957 3 Debian, Fedoraproject, Owasp 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set 2024-02-28 N/A 7.5 HIGH
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can issue an HTTP Accept header field containing an optional "charset" parameter in order to receive the response in an encoded form. Depending on the "charset", this response can not be decoded by the web application firewall. A restricted resource, access to which would ordinarily be detected, may therefore bypass detection. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively.
CVE-2022-41443 1 Phpipam 1 Phpipam 2024-02-28 N/A 9.8 CRITICAL
phpipam v1.5.0 was discovered to contain a header injection vulnerability via the component /admin/subnets/ripe-query.php.
CVE-2021-40694 1 Moodle 1 Moodle 2024-02-28 N/A 4.9 MEDIUM
Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.
CVE-2022-34820 1 Siemens 30 Simatic Cp 1242-7 V2, Simatic Cp 1242-7 V2 Firmware, Simatic Cp 1243-1 and 27 more 2024-02-28 9.3 HIGH 8.4 HIGH
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.
CVE-2022-0935 1 Livehelperchat 1 Live Helper Chat 2024-02-28 6.8 MEDIUM 8.8 HIGH
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.
CVE-2022-28960 1 Spip 1 Spip 2024-02-28 6.5 MEDIUM 8.8 HIGH
A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.
CVE-2022-25235 5 Debian, Fedoraproject, Libexpat Project and 2 more 6 Debian Linux, Fedora, Libexpat and 3 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVE-2022-0741 1 Gitlab 1 Gitlab 2024-02-28 4.3 MEDIUM 7.5 HIGH
Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses.
CVE-2021-43106 1 Compassplus 2 Tranzware Online, Tranzware Online Financial Institution Maintenance Interface 2024-02-28 5.8 MEDIUM 6.1 MEDIUM
A Header Injection vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online (TWO) 5.3.33.3 F38 and FIMI 4.2.19.4 25.The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would just cause the request to be sent to a completely different Domain/IP address. This is due to that the server implicitly trusts the Host header, and fails to validate or escape it properly. An attacker can use this input to redirect target users to a malicious domain/web page. This would result in expanding the potential to further attacks and malicious actions.
CVE-2021-39027 1 Ibm 1 Guardium Data Encryption 2024-02-28 4.0 MEDIUM 5.0 MEDIUM
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. IBM X-Force ID: 213865.
CVE-2022-30781 1 Gitea 1 Gitea 2024-02-28 5.0 MEDIUM 7.5 HIGH
Gitea before 1.16.7 does not escape git fetch remote.
CVE-2022-32549 1 Apache 2 Sling Api, Sling Commons Log 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files.
CVE-2022-30966 1 Jenkins 1 Random String Parameter 2024-02-28 3.5 LOW 5.4 MEDIUM
Jenkins Random String Parameter Plugin 1.0 and earlier does not escape the name and description of Random String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
CVE-2022-26174 1 Beekeeperstudio 1 Beekeeper-studio 2024-02-28 7.5 HIGH 9.8 CRITICAL
A remote code execution (RCE) vulnerability in Beekeeper Studio v3.2.0 allows attackers to execute arbitrary code via a crafted payload injected into the display fields.
CVE-2022-23079 1 Getmotoradmin 1 Motor Admin 2024-02-28 6.8 MEDIUM N/A
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim.