CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,552 vulnerabilities with CWE-94
CVE-2006-5621
ask_rave < 0.9b - Remote Code Execution via end.php footfile Parameter
CVE-2006-5612
GestArt beta 1 - Remote Code Execution via aide Parameter
CVE-2006-5610
CRITICAL
Fully Modded phpBB 2021.4.40 - Remote Code Execution via phpbb_root_path Parameter
CVSS 9.8
CVE-2006-5517
Rhode Island Open Meetings Filing System - Remote Code Execution via PROJECT_ROOT Parameter
CVE-2006-5519
MambWeather < 1.8.1 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-5506
WiClear 0.10 - Remote Code Execution via Path Parameter in Multiple PHP Scripts
CVE-2006-5507
Der Dirigent 1.0.3 - Remote Code Execution via cfg_dedi[dedi_path] Parameter
CVE-2006-5494
PHP-Nuke pandaBB module - Remote Code Execution via adminpath or basepath Parameter
CVE-2006-5480
Castor PHP Web Builder 1.1.1 - Remote Code Execution via rootpath Parameter
CVE-2006-5481
Castor PHP Web Builder 1.1.1 - Remote Code Execution via rootpath Parameter
CVE-2006-5439
Comdev Misc Tools 4.1 - Remote Code Execution via path[docroot] Parameter
CVE-2006-5418
phpBB SearchIndexer - Remote Code Execution via phpbb_root_path Parameter
CVE-2006-5399
PHPRecipeBook 2.36 - Remote Code Execution via g_rb_basedir Parameter
CVE-2006-5402
phpmybibli < 3.0.1 - Remote Code Execution via Path Parameter Injection
CVE-2006-5390
phpBB ACP User Registration Module - Remote Code Execution via phpbb_root_path Parameter
CVE-2006-5310
Les Visiteurs 2.0.1 - Remote Code Execution via lvc_include_dir Parameter
CVE-2006-5301
phpBB SpamBlockerMOD < 1.0.2 - Remote Code Execution via phpbb_root_path Parameter
CVE-2006-5302
Redaction System 1.0000 - Remote Code Execution via PHP File Inclusion
CVE-2006-5306
phpbb journals_system_module < 1.0.2_rc2 - Remote Code Execution via phpbb_root_path Parameter
CVE-2006-5291
Alex Downloadengine - Code Injection
CVE-2006-5280
Leicestershire communityPortals < 1.build_20051018 - Remote Code Execution via cp_root_path Parameter
CVE-2006-5258
Asbru Web Content Management < 6.1.20 - Remote Code Execution via Spell Check Parameter
CVE-2006-3650
Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac - Remote Code Execution via Malformed Chart Record
CVE-2006-3864
Microsoft Office - Remote Code Execution via Malformed Record in Office Files
CVE-2006-3877
Microsoft PowerPoint - Remote Code Execution via Crafted File
Details
Vulnerabilities
6,552
Exploit Likelihood
Medium