62 matches found
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Overview Affected versions of this package are vulnerable to Failure to Sanitize Special Elements into a Different Plane Special Element Injection in the processing of the X-Nuclio-Arguments HTTP header, which is incorporated into shell commands without validation or sanitization. An attacker can...
EUVD-2016-10277
Malware in sbrugna...
EUVD-2022-0258
Malicious code in bioql PyPI...
EUVD-2023-1175
Malicious code in bioql PyPI...
EUVD-2023-12376
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-0302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository radareorg/radare2 prior to 5.8.2. CVE-2023-0302 Note...
Apache Airflow Providers Snowflake package allows for Special Element Injection via CopyFromExternalStageToSnowflakeOperator
Failure to Sanitize Special Elements into a Different Plane Special Element Injection vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added...
PYSEC-2025-51
Failure to Sanitize Special Elements into a Different Plane Special Element Injection vulnerability in Apache Airflow Providers Snowflake.This issue affects Apache Airflow Providers Snowflake: before 6.4.0.Sanitation of table and stage parameters were added...
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Overview apache-airflow-providers-snowflake is a Provider package apache-airflow-providers-snowflake for Apache Airflow Affected versions of this package are vulnerable to Failure to Sanitize Special Elements into a Different Plane Special Element Injection in the...
CVE-2023-1758
Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2022-4721
Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository ikus060/rdiffweb prior to 2.5.5...
Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability
Hitachi Vantara Pentaho BA Server contains a special element injection vulnerability that allows an attacker to inject Spring templates into properties files, allowing for arbitrary command execution...
Exploit for Special Element Injection in Rocket.Chat
Rocket-Chat-3.12.1-PoC-CVE-2021-22911- 1. Go login page !...
CVE-2023-1758
Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
Design/Logic Flaw
Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1758 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in thorsten/phpmyfaq
Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1758
CVE-2023-1758 affects thorsten/phpmyfaq (phpMyFAQ) prior to version 3.1.12. The issue is a failure to sanitize special elements into a different plane, which enables stored cross-site scripting (XSS) via the FAQ comment username parameter. The vulnerability is documented by multiple sources (GitH...
CVE-2022-43769 Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream...
CVE-2022-43769 Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream...
Special Element Injection
curl is vulnerable to Special Element Injection. The library allows users to pass on user name and telnet options to the server without proper input scrubbing, allowing them to pass on content or do option negotiation without the application intending to do so...