CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,549 vulnerabilities with CWE-94
CVE-2008-6373
Nagios < 3.0.6 - Remote Code Execution via Adaptive External Commands
CVE-2008-6347
Onguma Time Sheet 2.0 4b - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2008-6318
PHPmyGallery 1.5 beta - Remote Code Execution via admindir Parameter
CVE-2008-6315
PHPmyGallery 1.0 beta2 - Remote Code Execution via confdir Parameter
CVE-2008-6305
Free Directory Script 1.1.1 - Remote Code Execution via API_HOME_DIR Parameter
CVE-2008-6287
Broadcast Machine 0.1 - Remote Code Execution via baseDir Parameter
CVE-2008-6251
phpFan 3.3.4 - Remote Code Execution via Includepath Parameter
CVE-2008-3075
Vim 7.0-7.2 - Remote Code Execution via ZIP Archive Filename
CVE-2008-6223
Way Of The Warrior 5.0 - Remote Code Execution via plancia Parameter
CVE-2008-6221
Dada Mail Manager 2.6 - Remote Code Execution via GLOBALS[mosConfig_absolute_path] Parameter
CVE-2008-6206
RobotStats 0.1 - Remote Code Execution via DOCUMENT_ROOT Parameter
CVE-2008-6196
Philippe CROCHAT EasySite 2.0 - Remote Code Execution via EASYSITE_BASE Parameter
CVE-2008-6178
FCKeditor 2.2 - Remote Code Execution via ZIP File Upload
CVE-2008-6138
WebBiscuits Modules Controller <1.1 - RCE
CVE-2008-6132
phpScheduleIt <1.2.10 - Code Injection
CVE-2008-6103
a4desk Flash Event Calendar - Remote Code Execution via index.php v Parameter
CVE-2008-6099
RPortal < 1.1 - Remote Code Execution via File Op Parameter
CVE-2008-6066
Meet#Web 0.8 - Remote Code Execution via root_path Parameter
CVE-2008-6036
BaseBuilder < 2.0.1 - Remote Code Execution via mj_config[src_path] Parameter
CVE-2008-6023
xnova < 0.8 - Remote Code Execution via xnova_root_path Parameter
CVE-2008-6022
Xnova - Remote Code Execution via ugamela_root_path Parameter
CVE-2008-6006
Micronation Banking System <1.5.0 - RCE
CVE-2008-5949
cctiddly 1.7.4 and 1.7.6 - Remote Code Execution via cct_base Parameter
CVE-2008-5947
YapBB 1.2 Beta 2 - Remote File Inclusion Code Execution
CVE-2008-5938
MODx CMS <0.9.6.2 - Remote Code Execution
Details
Vulnerabilities 6,549
Exploit Likelihood Medium