CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,549 vulnerabilities with CWE-94
CVE-2008-4719
openengine 2.0 beta2 - Remote Code Execution via oe_classpath Parameter
CVE-2008-4704
SezHoo 0.1 - Remote Code Execution via IP Parameter
CVE-2008-4687
Mantis < 1.1.4 - Authenticated Remote Code Execution via Sort Parameter
CVE-2008-4673
Events Calendar 1.1 - Remote Code Execution via path[docroot] or component Parameter
CVE-2008-4645
phpwebgallery <= 1.7.2 - Authenticated Remote Code Execution via Event Tracer Sort Parameter
CVE-2008-4624
Fast Click SQL Lite 1.1.7 - Remote Code Execution via CFG[CDIR] Parameter
CVE-2008-4557
CuteNews 1.1.1 - Remote Code Execution via Text Parameter in Highlight Plugin
CVE-2008-4385
System Requirements Lab 3 - Remote Code Execution via Malicious Website Argument to Init Method
CVE-2008-4529
asiCMS alpha 0.208 - Remote Code Execution via _ENV[asicms][path] Parameter
CVE-2008-4502
DataFeedFile PHP Framework API - Remote Code Execution via DFF_config[dir_include] Parameter
CVE-2008-4451
ESET System Analyzer Tool 1.1.1.0 - Local Privilege Escalation via IOCTL Request
CVE-2008-4439
MartinWood Datafeed Studio < 1.6.2 - Remote Code Execution via INSTALL_FOLDER Parameter
CVE-2008-3638
Java on Apple Mac OS X 10.5.4-10.5.5 - RCE
CVE-2008-4206
Attachmax Dolphin <= 2.1.0 - Remote Code Execution via rel_path Parameter
CVE-2008-4141
x10media .x10_automatic_mp3_script 1.5.5 - Remote File Inclusion via web_root Parameter
CVE-2008-4138
TECHNOTE 7 - Remote Code Execution via shop_this_skin_path Parameter
CVE-2008-4188
TYPO3 Secure Directory < 1.0.2 - Remote Code Execution via Control Character Injection
CVE-2008-3949
Emacs 22.1-22.2 - Remote Code Execution
CVE-2008-4134
phpRealty < 0.03 - Remote Code Execution via INC Parameter
CVE-2008-1093
Acresso InstallShield Update Agent - RCE
CVE-2008-4047
Novell Forum 7.0-8.0 - Remote Code Execution via TCL Code Injection
CVE-2008-3956
Microsoft Organization Chart 2.00 - DoS/Code Injection
CVE-2008-2253
Windows Media Player 11 - Remote Code Execution via Crafted Audio-Only File
CVE-2008-2436
Novell iPrint Client - Remote Code Execution via Long Argument to ActiveX Control Functions
CVE-2008-3919
JustSystems Ichitaro - Remote Code Execution via Crafted JTD Document
Details
Vulnerabilities
6,549
Exploit Likelihood
Medium