CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,552 vulnerabilities with CWE-94
CVE-2006-4696
Microsoft Windows Server Service - Remote Code Execution via SMB Rename Packet
CVE-2006-3435
Microsoft Office <2000 XP 2003 2004 Mac v.X - RCE
CVE-2006-3876
Microsoft Office - Remote Code Execution via Crafted PowerPoint Data Record
CVE-2006-4812
PHP 4 < 4.3.0 and 5 <= 5.1.6 - Remote Code Execution via Unserialize Integer Overflow
CVE-2006-5191
phpBB < 1.0 - Remote Code Execution via phpbb_root_path Parameter
CVE-2006-5220
WebYep 1.1.9 - Remote Code Execution via webyep_sIncludePath Parameter
CVE-2006-5101
Comdev CSV Importer <4.1 - Code Injection
CVE-2006-5093
Tagmin Control Center 2.1.B Build 2 - Remote Code Execution via Page Parameter
CVE-2006-5055
syntaxCMS 1.1.1-1.3 - Remote Code Execution via init_path Parameter
CVE-2006-5021
CRITICAL
redblog 0.5 - Remote Code Execution via PHP File Inclusion
CVSS 9.8
CVE-2006-5043
Joomlaboard Forum Component <1.1.2 - RCE
CVE-2006-5045
com_pollxt < 1.22.07 - Remote Code Execution via PHP File Inclusion
CVE-2006-5048
Joomla! com_securityimages <3.0.5 - RCE
CVE-2006-4694
Microsoft Office 2000, XP, and 2003 - Remote Code Execution via Crafted PPT Record
CVE-2006-4965
Apple QuickTime 7.1.3 - Remote Code Execution via QuickTime Media Link File
CVE-2006-4944
ProgSys < 0.151 - Remote Code Execution via phpdns_basedir Parameter
CVE-2006-4869
phpunity_postcard - Remote Code Execution via gallery_path Parameter
CVE-2006-4858
mamboxchange serverstat_component < 0.4.4 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-4863
mcLinksCounter 1.1 - Remote File Inclusion via langfile Parameter
CVE-2006-4844
Claroline < 1.7.7 - Remote Code Execution via extAuthSource Parameter
CVE-2006-3442
Microsoft Windows XP SP2 and earlier - Remote Code Execution via Crafted Multicast Message
CVE-2006-4671
Fantastic News 2.1.4 - Remote File Inclusion Code Execution
CVE-2006-4672
ppalCart 2.5 EE - Remote Code Execution via proMod or docroot Parameter
CVE-2006-4666
Stefan Ernst Newsscript 0.5 beta - RCE
CVE-2006-4649
BinGo News < 3.01 - Remote Code Execution via bnrep Parameter
Details
Vulnerabilities
6,552
Exploit Likelihood
Medium