CWE-15 – External Control of System or Configuration Setting
Description One or more system settings or configuration elements can be externally controlled by a user. Allowing external control of system settings can disrupt service...
CWE-149 – Improper Neutralization of Quoting Syntax
Description Quotes injected into an application can be used to compromise a system. As data are parsed, an injected/absent/duplicate/malformed use of quotes may cause the...
CWE-148 – Improper Neutralization of Input Leaders
Description The application does not properly handle when a leading character or sequence ("leader") is missing or malformed, or if multiple leaders are used when...
CWE-147 – Improper Neutralization of Input Terminators
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as input...
CWE-146 – Improper Neutralization of Expression/Command Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression...
CWE-145 – Improper Neutralization of Section Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as section...
CWE-144 – Improper Neutralization of Line Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line...
CWE-143 – Improper Neutralization of Record Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as record...
CWE-142 – Improper Neutralization of Value Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as value...
CWE-141 – Improper Neutralization of Parameter/Argument Delimiters
Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter...
