CWE-74 type flaws

4162 results
CVE | Severity | Description | EPSS
CVE-2026-8210 | MEDIUM | aandrew-me tgpt Update helper.go helper.Update command injection | 0.9%
CVE-2022-31108 | MEDIUM | Arbitrary `CSS` injection into the generated graph affecting the container HTML in mermaid.js | 0.8%
CVE-2023-26261 | CRITICAL | In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another conne | 0.8%
CVE-2021-41437 | MEDIUM | An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL t | 0.8%
CVE-2022-31593 | | SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An at | 0.8%
CVE-2021-29502 | HIGH | Remote code execution in the WarnSystem module of Laggrons-Dumb-Cogs | 0.8%
CVE-2024-11590 | MEDIUM | 1000 Projects Bookstore Management System forget_password_process.php sql injection | 0.8%
CVE-2024-11647 | MEDIUM | 1000 Projects Beauty Parlour Management System view-appointment.php sql injection | 0.8%
CVE-2024-11966 | MEDIUM | PHPGurukul Complaint Management system index.php sql injection | 0.8%
CVE-2024-11648 | MEDIUM | 1000 Projects Beauty Parlour Management System add-customer.php sql injection | 0.8%
CVE-2024-11964 | MEDIUM | PHPGurukul Complaint Management system index.php sql injection | 0.8%
CVE-2020-26260 | MEDIUM | Server Side Request Forgery in BookStack | 0.8%
CVE-2024-11649 | MEDIUM | 1000 Projects Beauty Parlour Management System search-appointment.php sql injection | 0.8%
CVE-2024-11965 | MEDIUM | PHPGurukul Complaint Management system reset-password.php sql injection | 0.8%
CVE-2024-23648 | HIGH | Pimcore Admin Classic Bundle host header injection in the password reset | 0.8%
CVE-2024-41127 | HIGH | Monkeytype is vulnerable to Poisoned Pipeline Execution through Code Injection in its `ci-failure-comment.yml` GitHub Workflow, enabling attackers to gain `pull-requests` write access. | 0.8%
CVE-2024-11956 | MEDIUM | Pimcore customer-data-framework list sql injection | 0.8%
CVE-2016-15007 | MEDIUM | Centralized-Salesforce-Dev-Framework SOQL SObjectService.cls SObjectService injection | 0.8%
CVE-2024-12497 | MEDIUM | 1000 Projects Attendance Tracking Management System check_admin_login.php sql injection | 0.8%
CVE-2025-4467 | MEDIUM | SourceCodester Online Student Clearance System edit-admin.php sql injection | 0.8%