CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,550 vulnerabilities with CWE-94
CVE-2007-5153
Sun Java System Access Manager 7.1 - Remote Code Execution
CVE-2007-5157
PHP Fidonet Tosser 1.3.0 - Remote Code Execution via SRC_PATH Parameter
CVE-2007-5160
Restaurant Management System 0.5 - Remote File Inclusion via DIR_ROOT or DIR_PAGE Parameter
CVE-2007-5163
Nexty 1.01.A Beta - Remote Code Execution via rel Parameter in layout.php
CVE-2007-5164
UniversiBO 1.3.4 - Remote Code Execution via phpbb_root_path Parameter
CVE-2007-5165
myipacng-stats 0.05 - Remote Code Execution via MINGS_BASE Parameter
CVE-2007-5166
SiteSys 1.0a - Remote Code Execution via doc_root Parameter
CVE-2007-5167
phplister 0.5-pre2 - Remote Code Execution via nom_rep_systeme Parameter
CVE-2007-5138
lustig.cms BETA 2.5 - Remote Code Execution via Forum View Parameter
CVE-2007-5139
chupix_cms 0.2.3 - Remote Code Execution via Repertoire Parameter
CVE-2007-5140
IntegraMOD Nederland 1.4.2 - Remote Code Execution via phpbb_root_path Parameter
CVE-2007-5124
AOL Instant Messenger < 6.5.3.12 - Remote Code Execution via Embedded IE Server Control
CVE-2007-5117
FrontAccounting 1.13 - Remote Code Execution via path_to_root Parameter
CVE-2007-5114
phpmyprofiler 0.9.6b - Remote Code Execution via pmp_rel_path Parameter
CVE-2007-5115
Mods 4 Xoops Contenido eZ publish - Remote Code Execution via cfgPathInc Parameter
CVE-2007-5096
guanxiCRM Business Solution 0.9.1 - Remote Code Execution via webmail2_inc_dir Parameter
CVE-2007-5097
CRITICAL
Online Fantasy Football League 0.2.6 - Remote Code Execution via DOC_ROOT Parameter
CVSS 9.8
CVE-2007-5098
DFD Cart < 1.1.4 - Remote Code Execution via set_depth Parameter
CVE-2007-5099
David Watters Helplink 0.1.0 - Remote Code Execution via show.php file Parameter
CVE-2007-5100
phpBB Plus < 1.53a - Remote Code Execution via phpbb_root_path Parameter
CVE-2007-5102
Wordsmith 1.0 RC1 - Remote Code Execution via _path Parameter
CVE-2007-5089
sk.log 0.5.3 - Remote Code Execution via SKIN_URL Parameter
CVE-2007-5053
izicontents < 1_rc6 - Remote Code Execution via URL Parameter Injection
CVE-2007-5054
izicontents < 1_rc6 - Remote Code Execution via gsLanguage Parameter
CVE-2007-5056
ADOdb Lite < 1.42 - Remote Code Execution via last_module Parameter
Details
Vulnerabilities
6,550
Exploit Likelihood
Medium