CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,550 vulnerabilities with CWE-94
CVE-2007-5065
Joomla Flash Slide Show Component - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-5045
Apple QuickTime < 7.1.5 - Remote Code Execution via QuickTime Media Link File
CVE-2007-5020
Adobe Acrobat and Reader 8.1 - Remote Code Execution via Crafted PDF File
CVE-2007-5009
phpBB Plus 1.53-1.53a - Remote Code Execution via phpbb_root_path Parameter
CVE-2007-5014
pSlash 0.70 - Remote Code Execution via lvc_admin_dir or lvc_include_dir Parameter
CVE-2007-5015
Streamline PHP Media Server 1.0-beta4 - Remote Code Execution via sl_theme_unix_path Parameter
CVE-2007-4978
phpsyncml < 0.1.2 - Remote Code Execution via base_dir Parameter
CVE-2007-4947
myphpPagetool 0.4.3 - Remote Code Execution via ptinclude Parameter
CVE-2007-4948
Webmedia Explorer 3.2.2 - Remote Code Execution via Path Include Parameter
CVE-2007-4949
phpReactor 1.2.7pl1 - Remote File Inclusion via pathtohomedir Parameter
CVE-2007-4950
PHPortal 0.2.7 - Remote Code Execution via DOCUMENT_ROOT Parameter
CVE-2007-4951
YaPiG 0.95b - Remote Code Execution via YAPIG_PATH Parameter
CVE-2007-4954
joom12pic_component - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-4955
Joomla Flash Fun! Component - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-4942
Focus/SIS 1.0 - Remote Code Execution via FocusPath Parameter
CVE-2007-4933
Shop-Script FREE <= 2.0 - Remote Code Execution via Appearance Configuration Parameters
CVE-2007-4934
phpFFL 1.24 - Remote Code Execution via PHPFFL_FILE_ROOT Parameter
CVE-2007-4935
phpFFL 1.24 - Remote Code Execution via PHPFFL_FILE_ROOT Parameter
CVE-2007-4913
Invision Power Board < 2.3.1 - Arbitrary File Upload via Crafted Image Filename
CVE-2007-4921
Ajax File Browser 3 Beta - Remote Code Execution via approot Parameter
CVE-2007-4923
Joomla Radio 5 - Remote Code Execution via mosConfig_live_site Parameter
CVE-2007-4906
NuclearBB Alpha 2 - Remote Code Execution via root_path Parameter
CVE-2007-4907
X-Cart - Remote Code Execution via xcart_dir Parameter
CVE-2007-4886
AuraCMS 1.x and 2.x - Remote Code Execution via pilih Parameter URL Injection
CVE-2007-4834
phpRealty 0.02 - Remote Code Execution via MGR Parameter File Inclusion
Details
Vulnerabilities
6,550
Exploit Likelihood
Medium