CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,550 vulnerabilities with CWE-94
CVE-2007-5574
phpdj 0.5 - Remote Code Execution via djpage.php page Parameter
CVE-2007-5492
SiteBar 3.3.8 - Authenticated PHP Code Injection via Translation Module
CVE-2007-5457
Joomla Flash Uploader 2.5.1 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2007-5451
com_colorlab 1.0 - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-5453
Php-Stats 0.1.9.2 - Authenticated Remote Code Execution via Eval Injection in Admin Options
CVE-2007-5456
Microsoft Internet Explorer < 7 - Arbitrary Executable Download via Filename Extension Spoofing
CVE-2007-5331
CA BrightStor ARCServe Backup 9.01-R11.5 - Remote Code Execution via Malformed ONRPC Request
CVE-2007-5423
TikiWiki 1.9.8 - Remote Code Execution via tiki-graph_formula.php f Parameter
CVE-2007-5425
Interspire ActiveKB 1.5 - SQL Injection via questId Parameter
CVE-2007-5418
CARE2X 2G 2.2 - Remote Code Execution via root_path Parameter
CVE-2007-5407
JContentSubscription 1.5.8 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2007-5409
NuSEO PHP Enterprise 1.6 - Remote Code Execution via nuseo_dir Parameter
CVE-2007-5410
Joomla Flash RSS Reader Component - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-5412
Quoc-Huy MP3 Allopass 1.0 - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-5387
Pindorama 0.1 - Remote Code Execution via XMLRPC Client Component Parameter
CVE-2007-5388
WebDesktop 0.1 - Remote Code Execution via PHP File Inclusion
CVE-2007-5389
Joomla swMenuFree 4.6 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2007-5390
picoflat_cms < 0.4.14 - Remote Code Execution via Pagina Parameter
CVE-2007-5362
MOSMedia Lite 4.5.1 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2007-5363
Joomla Panoramic Picture Viewer 1.0 - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-2217
Kodak Image Viewer - Remote Code Execution via Crafted TIFF File
CVE-2007-3892
Internet Explorer 5.01-7 - URL Spoofing
CVE-2007-3899
Microsoft Word 2000/2002 SP3 & Office 2004 for Mac - RCE via Malformed String
CVE-2007-4466
Electronic Arts SnoopyCtrl - Stack-Based Buffer Overflow
CVE-2007-5321
Verlihub Control Panel <= 1.7 - Path Traversal via Page Parameter
Details
Vulnerabilities
6,550
Exploit Likelihood
Medium