CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,549 vulnerabilities with CWE-94
CVE-2007-6731
Extended Module Player < 2.5.1 - Remote Code Execution via OXM File Negative Value Bypass
CVE-2007-5604
HP Instant Support < 1.0.0.23 - Remote Code Execution via ExtractCab Function
CVE-2007-5607
HP Instant Support < 1.0.0.23 - Remote Code Execution via RegistryString Function Buffer Overflow
CVE-2007-6339
Akamai Download Manager <2.2.3.5 - RCE
CVE-2007-5661
InstallShield < 12 SP2 - Remote Code Execution via Unvalidated DLL Parameter
CVE-2007-1201
Microsoft Office Web Components 2000 - RCE
CVE-2007-6706
IBM Lotus Notes < 7.0.2 - Remote Code Execution via Crafted SMTP Email
CVE-2007-0065
Microsoft Office and Visual Basic - Remote Code Execution via Crafted Script Request
CVE-2007-5663
Adobe Acrobat and Reader < 8.1.1 - Remote Code Execution via EScript.api JavaScript Method
CVE-2007-5666
Adobe Acrobat and Reader < 8.1.1 - Unauthenticated Remote Code Execution via Untrusted Search Path
CVE-2007-6415
scponly <4.6 - Command Injection
CVE-2007-6649
matpo_bilder_galerie 1.1 - Remote Code Execution via config[root_ordner] Parameter
CVE-2007-6652
xcms < 1.83 - Remote Code Execution via testo_0 Parameter in cpie.php
CVE-2007-6655
Kontakt Formular 1.4 - Remote Code Execution via root_path Parameter
CVE-2007-6657
Mihalism Multi Forum Host <3.0.x - RCE
CVE-2007-6632
xml2owl 0.1.1 - Remote Code Execution via showCode.php Path Parameter
CVE-2007-6614
Agares Media phpAutoVideo <2.21 - RCE
CVE-2007-6615
Agares Media phpAutoVideo <2.21 - Path Traversal
CVE-2007-6568
XZero Community Classifieds <4.95.11 - RCE
CVE-2007-6585
nmnnewsletter 1.0.7 - Remote Code Execution via confirmUnsubscription.php output Parameter
CVE-2007-6548
RunCMS < 1.6 - Authenticated PHP Code Injection via Admin Parameters
CVE-2007-6550
PMOS Help Desk <2.4 - Code Injection
CVE-2007-6553
TeamCal Pro < 3.1.000 - Remote Code Execution via CONF[app_root] Parameter
CVE-2007-6555
mosDirectory 2.3.2 - Remote Code Execution via GLOBALS[mosConfig_absolute_path] Parameter
CVE-2007-6539
IDevspot iSupport 1.8 - Local File Inclusion
Details
Vulnerabilities
6,549
Exploit Likelihood
Medium