Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,511 vulnerabilities with CWE-94

CVE-2023-0792 MEDIUM

phpmyfaq < 3.1.11 - Code Injection

CVE-2023-0788 HIGH

phpmyfaq < 3.1.11 - Code Injection

CVE-2023-23912 HIGH

Ubiquiti EdgeRouter and UniFi Security Gateway - WAN Remote Code Execution

CVE-2023-0575 HIGH

Yugabyte DB <2.2.0.0 - Code Injection

CVE-2023-0671 HIGH

froxlor < 2.0.10 - Code Injection

CVE-2023-24576 HIGH

Dell EMC NetWorker < 19.8 - Unauthenticated Remote Code Execution via NetWorker Client Execution Service

CVE-2023-23477 HIGH

IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via Serialized Objects

CVE-2023-23619 CRITICAL

lfprojects/modelina < 1.0.0 - Code Injection via Default Presets

CVE-2023-24059 HIGH

Grand Theft Auto V - Remote Code Execution

CVE-2023-21890 CRITICAL

Oracle Communications Converged Application Server <8.0.0 - RCE

CVE-2023-21886 HIGH

Oracle VM VirtualBox <6.1.42 & <7.0.6 - Takeover

CVE-2023-22731 CRITICAL

Shopware < 6.4.18.1 - Authenticated Remote Code Execution via Twig Filter PHP Function Injection

CVE-2023-0297 CRITICAL

pyLoad js2py Python Execution

CVE-2023-22853 HIGH

Tiki < 24.1 - PHP Object Injection via eval in structlib.php

CVE-2023-22952 HIGH KEV

SugarCRM unauthenticated Remote Code Execution (RCE)

CVE-2023-0022 CRITICAL

SAP BusinessObjects < - Code Injection

CVE-2023-0048 HIGH

GitHub lirantal/daloradius <master - Code Injection

CVE-2022-50972 CRITICAL

WooCommerce 7.1.0 Remote Code Execution via class-wc-meta-box-product-images.php

CVE-2022-50944 HIGH

Aero CMS 0.0.1 PHP Code Injection via posts.php

CVE-2022-50806 HIGH

4images 1.9 - Authenticated Remote Code Execution via Template Editing and Categories Endpoint

CVE-2022-31491 CRITICAL

Voltronic Power ViewPower <1.04-24215, ViewPower Pro <2.0-22165, Po...

CVE-2022-38946 CRITICAL

divscorp doctor-appointment 1.0 - Arbitrary File Upload and Remote Code Execution via signup_com.php

CVE-2022-32897 HIGH

macOS < 12.5 - Remote Code Execution via Maliciously Crafted TIFF File

CVE-2022-46070 HIGH

GV-ASManager V6.0.1.0 - Path Traversal

CVE-2022-45177 HIGH

LIVEBOX Collaboration vDesk <= v031 - Observable Response Discrepancy in User Enable and Shared Search Endpoints

Previous Page 138 of 261 Next

Details

Vulnerabilities 6,511

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy