CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,554 vulnerabilities with CWE-94
CVE-2006-4666
Stefan Ernst Newsscript 0.5 beta - RCE
CVE-2006-4649
BinGo News < 3.01 - Remote Code Execution via bnrep Parameter
CVE-2006-4637
ACGV News 0.9.1 - Remote Code Execution via PathNews Parameter
CVE-2006-4639
C-News < 1.0.1 - Remote Code Execution via Path Parameter in Multiple PHP Scripts
CVE-2006-4624
Mailman < 2.1.8 - CRLF Injection in Utils.py
CVE-2006-4583
FlashChat < 4.6.1_beta - Remote Code Execution via dir[inc] Parameter
CVE-2006-4553
com_comprofiler Component - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-4533
Plume CMS < 1.0.6 - Remote Code Execution via _PX_config[manager_path] Parameter
CVE-2006-4476
Joomla! < 1.0.11 - Multiple Injection Flaws
CVE-2006-4285
Fantastic News <= 2.1.5 - Remote Code Execution via CONFIG[script_path] Parameter
CVE-2006-4288
a6mambocredits component for Mambo - Remote Code Execution via mosConfig_live_site Parameter
CVE-2006-4270
mambelfish_component < 1.1 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-4195
Peoplebook Component for Mambo < 1.1.2 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-4204
phprojekt < 5.1 - Remote Code Execution via path_pre or lib_path Parameter
CVE-2006-4215
Zen Cart < 1.3.0.2 - Remote Code Execution via autoLoadConfig Parameter
CVE-2006-4159
Chaussette < 080706 - Remote Code Execution via _BASE Parameter File Inclusion
CVE-2006-4130
Remository for Mambo < 3.25 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-4111
Ruby on Rails < 1.1.5 - Remote Code Execution via HTTP Header LOAD_PATH Manipulation
CVE-2006-4074
Joomla JD-Wiki < 1.0.2 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-4026
SAPID CMS 123 rc3 - Remote Code Execution via root_path Parameter
CVE-2006-3980
Mambo Gallery Manager < 0.95r2 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-3995
User Home Pages 0.5 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-3966
MyNewsGroups :) < 0.6b - Remote Code Execution via myng_root Parameter
CVE-2006-3947
Mambatstaff < 3.1b - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2006-3949
Mambo Artlinks Component - Remote Code Execution via mosConfig_absolute_path Parameter
Details
Vulnerabilities
6,554
Exploit Likelihood
Medium