
CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')) — Vulnerability Class (375 CVEs)

375 vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')). AI Chinese analysis included.

CWE-74 represents a critical input validation weakness where software constructs commands, data structures, or records using externally influenced input without properly neutralizing special elements. This flaw allows attackers to inject malicious syntax that alters the intended interpretation of the downstream component, leading to severe consequences such as unauthorized command execution, data manipulation, or system compromise. Exploitation typically occurs when user-supplied data is directly concatenated into queries or system calls without sanitization. To prevent this, developers must implement rigorous input validation, ensuring all external data is strictly checked against expected formats. Furthermore, utilizing parameterized queries, safe APIs, and context-specific encoding techniques ensures that special characters are treated as literal data rather than executable instructions, effectively neutralizing potential injection vectors before they reach the downstream processor.

MITRE CWE Description
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Common Consequences (5)
Confidentiality — Read Application Data
Many injection attacks involve the disclosure of important information -- in terms of both data sensitivity and usefulness in further exploitation.
Access Control — Bypass Protection Mechanism
In some cases, injectable code controls authentication; this may lead to a remote vulnerability.
Other — Alter Execution Logic
Injection attacks are characterized by the ability to significantly change the flow of a given process, and in some cases, to the execution of arbitrary code.
Integrity, Other — Other
Data injection attacks lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing.
Non-Repudiation — Hide Activities
Often the actions performed by injected control code are unlogged.
Mitigations (2)
Requirements — Programming languages and supporting technologies might be chosen which are not subject to these issues.
Implementation — Utilize an appropriate mix of allowlist and denylist parsing to filter control-plane syntax from all input.
Examples (2)
This example code intends to take the name of a user and list the contents of that user's home directory. It is subject to the first variant of OS command injection.
$userName = $_POST["user"];                  // attacker-controlled request parameter
$command = 'ls -l /home/' . $userName;       // concatenated straight into a shell command line
system($command);                            // the shell parses any metacharacters in $userName
Bad · PHP
;rm -rf /
Attack
The following code segment reads the name of the author of a weblog entry, author, from an HTTP request and sets it in a cookie header of an HTTP response.
String author = request.getParameter(AUTHOR_PARAM);   // attacker-controlled request parameter
...
Cookie cookie = new Cookie("author", author);          // value placed in a Set-Cookie header unchanged
cookie.setMaxAge(cookieExpiration);
response.addCookie(cookie);
Bad · Java
HTTP/1.1 200 OK
...
Set-Cookie: author=Jane Smith
...
Result
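The two MITRE examples above share one fix: neutralize the external value before it reaches the downstream parser, or hand it over in a form the parser never interprets. The following Python is an added example written for this page (it is not from MITRE or the CWE entry); it covers both cases, the home-directory listing and the cookie header. The user-name allowlist pattern, the percent-encoding of cookie values and all function names are this example's own choices.

```python
"""Added example for CWE-74: keep control-plane syntax out of a shell
command line and out of an HTTP Set-Cookie header.

The allowlist regex, the percent-encoding choice and the helper names
are assumptions made for this example, not part of the CWE entry.
"""
import re
import shlex
import subprocess
import urllib.parse

# Allowlist for the user name (assumed POSIX-style names). Anything that
# does not match is rejected outright; this is the "allowlist parsing"
# mitigation rather than an attempt to strip dangerous characters.
_USER_NAME = re.compile(r"[a-z_][a-z0-9_-]{0,31}")


def is_valid_user_name(user_name: str) -> bool:
    return _USER_NAME.fullmatch(user_name) is not None


def build_ls_argv(user_name: str) -> list[str]:
    """argv for `ls -l /home/<user>` with the name as its own element.

    Because the list is passed to execve() directly (no shell), a value
    such as ';rm -rf /' can never be parsed as a second command; here it
    is rejected by the allowlist before it gets that far.
    """
    if not is_valid_user_name(user_name):
        raise ValueError(f"rejected user name: {user_name!r}")
    return ["ls", "-l", f"/home/{user_name}"]


def list_home(user_name: str) -> subprocess.CompletedProcess:
    # shell=False is the default: no shell ever sees the argument.
    return subprocess.run(build_ls_argv(user_name), capture_output=True, text=True)


def quote_for_shell(value: str) -> str:
    """Escaping alternative for the cases where a single shell string is
    unavoidable (e.g. a command line handed to a remote shell):
    shlex.quote() single-quotes the value so metacharacters become data.
    """
    return shlex.quote(value)


def set_cookie_header(name: str, value: str, max_age: int) -> str:
    """Build a Set-Cookie header line with a context-specific encoding.

    CR and LF would end the header line, so an unencoded value could
    append headers of its own (the Java example above). Percent-encoding
    every character outside the unreserved set turns them, and the
    cookie-octet exclusions (space, ';', ',', '"', '\\'), into literals.
    """
    encoded = urllib.parse.quote(value, safe="")
    header = f"Set-Cookie: {name}={encoded}; Max-Age={max_age}"
    assert "\r" not in header and "\n" not in header  # defence in depth
    return header


if __name__ == "__main__":
    # Constructed inputs: a legitimate name and the page's attack string.
    print(build_ls_argv("alice"))
    print(quote_for_shell(";rm -rf /"))
    print(set_cookie_header("author", "Jane Smith", 3600))
    print(set_cookie_header("author", "Jane\r\nX-Injected: yes", 3600))
```

The design point is that `build_ls_argv` never builds a shell string at all; `quote_for_shell` is kept only for the narrower case where a string is unavoidable, and `set_cookie_header` relies on encoding rather than on a denylist of "bad" characters, so a new terminator or separator in the downstream grammar cannot slip past it.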
CVE ID | Title — Product | CVSS | Severity | Published
CVE-2025-64099 | OpenAM allows use of arbitrary OIDC requested claims values in id_token and user_info — OpenAM | 4.3 | - | 2025-11-12
CVE-2025-47286 | Combodo iTop vulnerable to Remote Code Execution in the backup creation functionality — iTop | 9.1 | - | 2025-11-10
CVE-2025-62697 | Improperly sanitized style parameter in LanguageSelector — Mediawiki - LanguageSelector Extension | 9.8 (AI) | Critical (AI) | 2025-10-20
CVE-2025-61773 | pyLoad CNL and captcha handlers allow code Injection via unsanitized parameters — pyload | 8.1 | High | 2025-10-09
CVE-2025-11445 | Kilo Code Prompt ClineProvider.ts ClineProvider injection — Kilo Code | 6.3 | Medium | 2025-10-08
CVE-2025-7350 | Rockwell Automation Stratix® IOS Cross-Site Request Forgery to Code Execution Vulnerability — Stratix IOS | 9.8 (AI) | Critical (AI) | 2025-09-09
CVE-2025-6785 | Tesla Model 3 Physical CAN Bus Injection — Model 3 | 6.1 (AI) | Medium (AI) | 2025-09-04
CVE-2025-9797 | mrvautin expressCart Edit Product edit injection — expressCart | 2.4 | Low | 2025-09-01
CVE-2025-20265 | Cisco Secure Firewall Management Center Software Radius Remote Code Execution Vulnerability — Cisco Firepower Management Center | 10.0 | Critical | 2025-08-14
CVE-2025-20337 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 10.0 | Critical | 2025-07-16
CVE-2025-20284 | Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 6.5 | Medium | 2025-07-16
CVE-2025-20283 | Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 6.5 | Medium | 2025-07-16
CVE-2025-40710 | Host Header Injection (HHI) in the Hotspot Shield VPN client — Hotspot Shield VPN client | 7.2 (AI) | High (AI) | 2025-06-30
CVE-2025-53097 | Roo Code extension vulnerable to Potential Information Leakage via JSON Schema — Roo-Code | 5.9 | Medium | 2025-06-27
CVE-2025-20281 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine Software | 10.0 | Critical | 2025-06-25
CVE-2025-47867 | Trend Micro Apex Central security vulnerability — Trend Micro Apex Central | 7.5 | High | 2025-06-17
CVE-2025-32711 | M365 Copilot Information Disclosure Vulnerability — Microsoft 365 Copilot | 9.3 | Critical | 2025-06-11
CVE-2025-20256 | Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability — Cisco Secure Network Analytics | 6.5 | Medium | 2025-05-21
CVE-2025-48056 | Hubble CLI vulnerable to character injection — hubble | 5.3 | Medium | 2025-05-20
CVE-2025-47948 | Cocotais Bot has builtin .echo command injection — cocotais-bot | 7.2 | High | 2025-05-17
CVE-2025-32390 | EspoCRM vulnerable to HTML Injection into phishing, which may lead to account takeover — espocrm | 4.6 (AI) | Medium (AI) | 2025-05-12
CVE-2025-20216 | Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability — Cisco Catalyst SD-WAN Manager | 4.7 | Medium | 2025-05-07
CVE-2025-46814 | FastAPI Guard Remote Header Injection via X-Forwarded-For Manipulation — fastapi-guard | 3.4 | Low | 2025-05-06
CVE-2025-3805 | sarrionandia tournatrack Jinja2 Template check_id.py injection — tournatrack | 5.3 | Medium | 2025-04-19
CVE-2025-3804 | thautwarm vscode-diana Jinja2 Template Gen.py injection — vscode-diana | 5.3 | Medium | 2025-04-19
CVE-2025-3026 | Improper Neutralization of Special Elements vulnerability in EJBCA — EJBCA | 6.1 | - | 2025-03-31
CVE-2025-29993 | Alfasado PowerCMS injection vulnerability — PowerCMS 6.x series | 7.4 (AI) | High (AI) | 2025-03-27
CVE-2025-27787 | Applio allows a DoS in restart.py — Applio | 7.5 | - | 2025-03-19
CVE-2025-27107 | Integrated Scripting vulnerable to arbitrary code execution via Java reflection — IntegratedScripting | 9.8 | - | 2025-03-13
CVE-2025-27794 | Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite — framework | 6.8 | Medium | 2025-03-12

Vulnerabilities classified as CWE-74 (Improper Neutralization of Special Elements in Output ('Injection')) represent 375 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.