CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,549 vulnerabilities with CWE-94
CVE-2008-2086
Sun JDK and JRE < 6 Update 11 - Remote Code Execution via Crafted JNLP File
CVE-2008-5334
NitroTech 0.0.3a - Remote Code Execution via Root Parameter
CVE-2008-5332
Pie 0.5.3 - Remote Code Execution via PHP File Inclusion
CVE-2008-5288
Werner Hilversum FAQ Manager 1.2 - RCE
CVE-2008-5227
phpcow - Remote Code Execution via File Inclusion
CVE-2008-5210
PhpBlock A8.5 - Remote Code Execution via PATH_TO_CODE Parameter
CVE-2008-5206
MosXML - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2008-5199
PHPOutsourcing IdeaBox 1.1 - Remote Code Execution via gorumDir Parameter
CVE-2008-5173
testmaker < 3.0p16 - Authenticated PHP Code Injection
CVE-2008-5167
Boonex Orca 2.0 and 2.0.2 - Remote Code Execution via gConf[dir][layouts] Parameter
CVE-2008-5108
Adobe AIR < 1.1 - Remote Code Execution
CVE-2008-5090
Advanced Electron Forum < 1.0.7 - Remote Code Execution via BBCode Email Parameter
CVE-2008-5071
Yoxel < 1.23beta - Authenticated PHP Code Injection via proj_id Parameter
CVE-2008-5066
Agares Media ThemeSiteScript 1.0 - Remote Code Execution via Frontpage Right PHP File Inclusion
CVE-2008-5063
OTManager 2.4 - Remote Code Execution via Tipo Parameter
CVE-2008-5060
ModernBill < 4.4 - Remote Code Execution via DIR Parameter File Inclusion
CVE-2008-5053
Joomla com_rssreader 1.0 - Remote Code Execution via mosConfig_live_site Parameter
CVE-2008-5015
Firefox < 3.0.4 - Privilege Escalation via file: URI Chrome Privilege Assignment
CVE-2008-4387
SAP SAPgui - Remote Code Execution via Simba MDrmSap ActiveX Control
CVE-2008-4911
Chattaitaliano Istant-Replay - Remote Code Execution via read.php data Parameter
CVE-2008-4810
Smarty < r2797 - Remote Code Execution via Template Dollar-Sign Injection
CVE-2008-4798
WebGUI < 7.5.30 - Remote Code Execution via Perl Module Upload
CVE-2008-4735
CoAST 0.95 - Remote Code Execution via sections_file Parameter
CVE-2008-4250
CRITICAL
KEV
Microsoft Windows Server Service - Remote Code Execution via Crafted RPC Request
CVSS 9.8
CVE-2008-4720
The Gemini Portal 4.7 - Remote Code Execution via Lang Parameter File Inclusion
Details
Vulnerabilities
6,549
Exploit Likelihood
Medium