CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,548 vulnerabilities with CWE-94
CVE-2010-2005
DataLife Engine 8.3 - Remote Code Execution via PHP File Inclusion
CVE-2010-1978
FreePHPBlogSoftware 1.0 - Remote Code Execution via phpincdir Parameter
CVE-2010-1169
PostgreSQL 7.4-9.0 Beta 1 - Authenticated Remote Code Execution via PL/perl
CVE-2010-1946
openMairie Openregistrecil 1.02 - Remote Code Execution via path_om Parameter
CVE-2010-1945
openMairie Openfoncier 2.00 - Remote File Inclusion via path_om Parameter
CVE-2010-1944
openMairie openCimetiere 2.01 - Remote Code Execution via path_om Parameter
CVE-2010-1934
openMairie openPlanning 1.00 - Remote Code Execution via path_om Parameter
CVE-2010-1927
openMairie openCourrier 2.02-2.03 beta - Remote Code Execution via path_om Parameter
CVE-2010-1922
29o3 CMS 0.1 - Remote File Inclusion via LibDir Parameter
CVE-2010-1921
OpenMairie openAnnuaire 2.00 - Remote File Inclusion via path_om Parameter
CVE-2010-0815
Microsoft Visual Basic for Applications - Remote Code Execution via Crafted Document
CVE-2010-1868
PHP 5.2-5.2.13 and 5.3-5.3.2 - Remote Code Execution via sqlite_single_query and sqlite_array_query
CVE-2010-1737
Carlos Eduardo Sotelo Pinto 0.1.0 - Code Injection
CVE-2010-1279
Adobe Photoshop CS4 - Remote Code Execution via Crafted TIFF File
CVE-2010-0402
OpenTTD < 1.0.1 - Authenticated Remote Code Execution via Crafted In-Game Command
CVE-2010-1528
Uiga Proxy - Remote Code Execution via Template Content Parameter
CVE-2010-1153
TYPO3 4.3.0-4.3.2 - Remote Code Execution via Autoloader ClassName Variable
CVE-2010-1165
Atlassian JIRA 3.12-4.1 - Authenticated Remote Code Execution via Path Modification
CVE-2010-1467
openUrgence Vaccin 1.03 - Remote Code Execution via path_om Parameter in PHP File Inclusion
CVE-2010-0256
Microsoft Visio 2002 SP2, 2003 SP3, 2007 SP1-SP2 - Remote Code Execution via Crafted File
CVE-2010-0254
Microsoft Visio 2002 SP2, 2003 SP3, 2007 SP1-SP2 - Remote Code Execution via Crafted File
CVE-2010-0195
Adobe Acrobat and Reader 9.x < 9.3.2 and 8.x < 8.2.2 - Remote Code Execution via Font Handling
CVE-2010-0191
Adobe Acrobat and Reader 9.x < 9.3.2 and 8.x < 8.2.2 - Remote Code Execution via Prefix Protocol Handler
CVE-2010-1360
FAQEngine 4.24.00 - Remote File Inclusion via path_faqe Parameter
CVE-2010-1351
Nodesforum 1.033 and 1.045 - Remote Code Execution via PHP File Inclusion
Details
Vulnerabilities
6,548
Exploit Likelihood
Medium