CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,556 vulnerabilities with CWE-94
CVE-2001-0308
Bajie java_http_server < 0.79 - Remote Code Execution via UploadServlet
CVE-2000-0155
Windows NT - Unauthenticated Code Execution via Autorun.inf
CVE-1999-0702
Internet Explorer 5.0 and 5.01 - Remote Code Execution via Import/Export Favorites
CVE-1999-0891
Internet Explorer 5 - Arbitrary File Read via Server-Side Redirect
CVE-1999-0491
bash < 2.04 - Local Command Execution via Directory Name Injection
CVE-1999-0509
Shell Interpreters - RCE
Details
Vulnerabilities
6,556
Exploit Likelihood
Medium