CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,549 vulnerabilities with CWE-94
CVE-2008-6651
OxYProject OxYBox 0.85 - Remote Code Injection via edithistory.php oxymsg Parameter
CVE-2008-6636
Geody Dagger r12feb2008 - Remote Code Execution via dir_edge_skins Parameter
CVE-2008-6635
Geody Dagger r12feb2008 - Remote Code Execution via dir_inc Parameter
CVE-2008-6612
Minimal ABlog 0.4 - Unauthenticated Remote Code Execution via File Upload
CVE-2008-6591
LightNEasy 1.2.2 - Arbitrary File Creation via Page Parameter
CVE-2008-6584
TorrentFlux 2.3 - Authenticated Remote Code Execution via URL Upload Parameter
CVE-2008-6545
Web Server Creator Web Portal 0.1 - Remote Code Execution via langfile Parameter
CVE-2008-6544
Simple Machines Forum 1.1.4 - Remote Code Execution via settings[default_theme_dir] Parameter
CVE-2008-6543
ComScripts Quick Classifieds 1.0 - Remote File Inclusion via DOCUMENT_ROOT Parameter
CVE-2008-6539
DeStar 0.2.2-5 - Authenticated Static Code Injection via Pin Parameter
CVE-2008-6531
Atlassian JIRA < 3.13.2 - Remote Code Execution via WebWork 1 Parameter Injection
CVE-2008-6518
VidiScript - Authenticated Remote Code Execution via Avatar Upload
CVE-2008-6513
Aphpkb - Code Injection
CVE-2008-6499
XAMPP 1.6.8 - Remote Code Execution via SERVER Superglobal Variable Spoofing
CVE-2008-6491
phpgkit 0.9 - Remote Code Execution via DOCUMENT_ROOT Parameter
CVE-2008-6486
SharedLog - Remote Code Execution via GLOBALS[root_dir] Parameter
CVE-2008-6483
VirtueMart Google Base 1.1 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2008-6482
Flash Tree Gallery (com_treeg) 1.0 - Remote Code Execution via mosConfig_live_site Parameter
CVE-2008-6474
F5 TMOS - Authenticated Perl Code Injection via Configuration Settings
CVE-2008-6446
CMS MAXSITE - Remote Code Execution via Guestbook Message Parameter
CVE-2008-6421
Social Site Generator 2.0 - Remote Code Execution via social_game_play.php Path Parameter
CVE-2008-6408
ol'bookmarks 0.7.5 - Remote Code Execution via frame.php framefile Parameter
CVE-2008-6403
openrat < 0.8-beta4 - Remote Code Execution via tpl_dir Parameter
CVE-2008-6402
sofi_webgui < 0.6.3pre - Remote Code Execution via mod_dir Parameter
CVE-2008-6377
Multi SEO phpBB 1.1.0 - Remote Code Execution via pfad Parameter
Details
Vulnerabilities
6,549
Exploit Likelihood
Medium