Fallos del tipo CWE-914
6 resultadosCVE-2023-33175CRITICALToUI allows user-specific variables to be shared between usersEPSS 0.7%CVE-2024-54198HIGHInformation Disclosure vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAPEPSS 0.6%CVE-2025-14051MEDIUMyoulaitech youlai-mall addresses deleteAddress improper control of dynamically-identified variablesEPSS 0.4%CVE-2024-24914HIGHAuthenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vEPSS 0.4%CVE-2025-14085MEDIUMyoulaitech youlai-mall orders improper control of dynamically-identified variablesEPSS 0.3%CVE-2026-35173MEDIUMChyrp Lite has an IDOR via Mass Assignment in Post ModelEPSS 0.2%