CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,550 vulnerabilities with CWE-94
CVE-2007-5309
webmaster-tips.net Flash Image Gallery 1.0 for Joomla! - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-5310
webmaster-tips.net wmtportfolio 1.0 for Joomla! - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2007-5313
Picturesolution < 2.1 - Remote Code Execution via Path Parameter in install/config.php
CVE-2007-5314
xkiosk_web 3.0.1i - Remote Code Execution via PEARPATH Parameter
CVE-2007-5315
LiveAlbum 0.9.0 - Remote Code Execution via livealbum_dir Parameter
CVE-2007-5294
IDMOS 1.0-beta - Remote Code Execution via site_absolute_path Parameter
CVE-2007-5295
Wikepage Opus 13 2007.2 - Cross-Site Scripting via PageContent or PageName Parameter
CVE-2007-5298
CMS Creamotion - Remote File Inclusion via cfg[document_uri] Parameter
CVE-2007-5305
ELSEIF CMS Beta 0.6 - Remote Code Execution via PHP File Inclusion
CVE-2007-5307
ELSEIF CMS Beta 0.6 - Remote Code Execution via SWFUpload Parameter Hash Collision
CVE-2007-5271
Trionic Cite CMS 1.2 rev9 - Remote Code Execution via bField[bf_data] Parameter
CVE-2007-5234
Ossigeno CMS 2.2 alpha3 - Remote Code Execution via Level Parameter
CVE-2007-5221
Poppawid 2.7 - Remote Code Execution via Form Parameter
CVE-2007-5224
Original Photo Gallery < 0.11.2 - Remote Code Execution via exif_prog Parameter
CVE-2007-5215
Jacob Hinkle GodSend 0.6 - Remote Code Execution via SCRIPT_DIR Parameter
CVE-2007-5216
e-ark 1.0 - Remote Code Execution via vcard_inc.php or email_inc.php Parameter Injection
CVE-2007-5173
phpBB Openid 0.2.0 - Remote Code Execution via openid_root_path Parameter
CVE-2007-5175
actsite 1.991 Beta - Remote Code Execution via BaseCfg[BaseDir] Parameter
CVE-2007-5178
mx_glance 2.3.3 - Remote Code Execution via mx_root_path Parameter
CVE-2007-5185
phpwcms-xt < 0.0.7_beta - Remote Code Execution via HTML_MENU_DirPath Parameter
CVE-2007-5186
Segue CMS < 1.8.4 - Remote Code Execution via themesdir Parameter
CVE-2007-5146
Der Dirigent 1.0 - Remote Code Execution via dedi_path Parameter
CVE-2007-5147
Puzzle Apps CMS 2.2.1 - Remote Code Execution via Multiple PHP File Inclusion Parameters
CVE-2007-5148
FrontAccounting 1.12 - Remote Code Execution via path_to_root Parameter
CVE-2007-5149
North Country Public Radio Public Media Manager 1.3 - Remote Code Execution via NewsCMS indir Parameter
Details
Vulnerabilities
6,550
Exploit Likelihood
Medium