CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,549 vulnerabilities with CWE-94
CVE-2008-2199
Kmita Mail < 3.0 - Remote Code Execution via HTML Code File Parameter
CVE-2008-0119
Microsoft Office Publisher Remote Code Execution via Crafted Object Header Data
CVE-2008-1091
Microsoft Office - Remote Code Execution via Malformed RTF String
CVE-2008-2160
Microsoft Windows CE 5.0 - Remote Code Execution via Crafted JPEG and GIF Images
CVE-2008-2128
CMS Faethon 2.2 Ultimate - Remote Code Execution via mainpath Parameter
CVE-2008-1669
Linux kernel <2.6.25.2 - Code Injection
CVE-2008-2074
Harris Wap Chat 1.0 - Remote Code Execution via sysFileDir Parameter
CVE-2008-1381
ZoneMinder <1.23.3 - Command Injection
CVE-2008-2044
netOffice Dwins 1.3 p2 - Unauthenticated Remote Code Execution via demoSession Authentication Bypass
CVE-2008-2041
eGroupWare <1.4.004 - Unspecified Vuln
CVE-2008-2016
Chilek Content Management System <2.0.4 - RCE
CVE-2008-1997
IBM DB2 8-9.1-9.5 - Authenticated Remote Code Execution via ADMIN_SP_C2 Procedure
CVE-2008-1989
123 Flash Chat 6.8.0 module for e107 - Remote Code Execution via e107path Parameter
CVE-2008-1958
Tr Script News 2.1 - Authenticated Remote Code Execution via File Upload
CVE-2008-1963
Quate Grape Web Statistics 0.2a - Remote Code Execution via Location Parameter
CVE-2008-1965
IBM Lotus Expeditor Client for Desktop <6.1.2 - Command Injection
CVE-2008-1926
util-linux-ng <2.14 - Code Injection
CVE-2008-1903
Newanz NewsOffice 1.0 and 1.1 - Remote Code Execution via news_show.php newsoffice_directory Parameter
CVE-2008-1893
W2B Online Banking - Remote Code Execution via ilang Parameter
CVE-2008-1860
LokiCMS < 0.3.3 - Remote Code Execution via Default Parameter
CVE-2008-1862
exbb_italia < 0.2.2 - Remote File Inclusion via new_exbb[home_path] or exbb[home_path] Parameter
CVE-2008-1866
PixelMotion Blog - Authenticated PHP ZIP Upload Code Execution
CVE-2008-1876
VisualPic 0.3.1 - Remote Code Execution via _CONFIG[files][functions_page] Parameter
CVE-2008-1786
Multiple CA Products - Remote Code Execution
CVE-2008-1773
Dragoon 0.1 - Remote Code Execution
Details
Vulnerabilities
6,549
Exploit Likelihood
Medium