Skip to main content

CWE-1173

Improper Use of Validation Framework

5 CVEs Avg CVSS 5.8 MITRE
0
CRITICAL
2
HIGH
2
MEDIUM
1
LOW
0
POC
0
KEV

Monthly

CVE-2026-33674 PHP LOW PATCH Monitor

PrestaShop versions prior to 8.2.5 and 9.1.0 contain an improper use of validation framework vulnerability that allows information disclosure through integrity violations. An attacker with high privileges and user interaction can potentially bypass validation controls to access or modify sensitive information. The vulnerability has a low CVSS score of 2.0 reflecting limited real-world impact, though it represents a validation framework weakness in a widely-deployed e-commerce platform.

Information Disclosure
NVD GitHub
CVSS 3.1
2.0
EPSS
0.0%
CVE-2025-3940 MEDIUM This Month

Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation.14.2,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Niagara Niagara Enterprise Security Windows
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2023-30949 MEDIUM This Month

A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Slate
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2022-1414 HIGH This Week

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure 3Scale Api Management
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-1640 HIGH This Week

An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
7.5
EPSS
1.4%
EPSS 0% CVSS 2.0
LOW PATCH Monitor

PrestaShop versions prior to 8.2.5 and 9.1.0 contain an improper use of validation framework vulnerability that allows information disclosure through integrity violations. An attacker with high privileges and user interaction can potentially bypass validation controls to access or modify sensitive information. The vulnerability has a low CVSS score of 2.0 reflecting limited real-world impact, though it represents a validation framework weakness in a widely-deployed e-commerce platform.

Information Disclosure
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation.14.2,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Niagara +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Slate
NVD
EPSS 1% CVSS 8.8
HIGH This Week

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure 3Scale Api Management
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy