CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,550 vulnerabilities with CWE-94
CVE-2007-6082
Sciurus Hosting Panel - Code Injection
CVE-2007-6088
phpbbviet < 02.03.07 - Remote Code Execution via phpbb_root_path Parameter
CVE-2007-6089
mebiblio 0.4.5 - Remote Code Execution via Index.php Action Parameter
CVE-2007-6057
datecomm Social Networking Script - RCE
CVE-2007-6042
SWSoft Confixx Professional 3.2.1 - Remote Code Execution via fehler.inc.php File Inclusion
CVE-2007-6038
JUser 1.0.14 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2007-6029
ClamAV 0.91.1 and 0.91.2 - Remote Code Execution
CVE-2007-6027
Joomla! Carousel Flash Image Gallery - RCE
CVE-2007-5994
yappa-ng 2.3.2 - Remote Code Execution via config[path_src_include] Parameter
CVE-2007-5995
patBBcode 1.0 - Remote Code Execution via bbcodeSource.php Example Parameter
CVE-2007-5914
JBC Explorer <7.20 RC1 - Code Injection
CVE-2007-5741
Plone 2.5-2.5.4 and 3.0-3.0.2 - Remote Code Execution via Unpickling in Statusmessages and Linkintegrity Modules
CVE-2007-5840
SyndeoCMS 2.5.01 - Remote Code Execution via cmsdir Parameter
CVE-2007-5841
nuBoard 0.5 - Remote Code Execution
CVE-2007-5842
Vortex Portal 1.0.42 - Remote Code Execution via cfgProgDir Parameter
CVE-2007-5843
scWiki 1.0 Beta 2 - Remote Code Execution via pathdot Parameter
CVE-2007-5845
GuppY <4.6.3, 4.5.16 - Path Traversal
CVE-2007-5822
Ben Ng Scribe <0.2 - Code Injection
CVE-2007-5837
yarssr 0.2.2 - Remote Code Execution via Shell Metacharacters in Feed Link Element
CVE-2007-5800
BackUpWordPress < 0.4.2b - Remote Code Execution via bkpwp_plugin_path Parameter
CVE-2007-5772
Flatnuke 3 - Authenticated PHP Code Injection via Download Module Description
CVE-2007-5775
CRITICAL
BitDefender Antivirus Internet Security and Total Security - Remote Code Execution
CVSS 9.8
CVE-2007-5780
teatro < 1.6 - Remote Code Execution via basePath Parameter
CVE-2007-5781
Sige 0.1 - Remote Code Execution via SYS_PATH Parameter
CVE-2007-5783
emagic_cms.net 4.0 - SQL Injection via pageId Parameter
Details
Vulnerabilities
6,550
Exploit Likelihood
Medium