Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,507 vulnerabilities with CWE-94

CVE-2024-52959 HIGH

iota C.ai Conversational Platform <2.1.3 - Code Injection

CVE-2024-11820 LOW

Code-projects Crud Operation System 1.0 - XSS

CVE-2024-11742 LOW

SourceCodester Best House Rental Management System 1.0 - XSS

CVE-2024-11699 HIGH

Firefox < 133 and ESR < 128.5 - Remote Code Execution

CVE-2024-11697 HIGH

Firefox < 133 and ESR < 128.5 - Unauthenticated Code Execution via Keypress Event Dialog Bypass

CVE-2024-11002 MEDIUM

InPost Gallery < 2.1.4.2 - Arbitrary Shortcode Execution

CVE-2024-11678 LOW

CodeAstro Hospital Management System 1.0 - XSS

CVE-2024-11677 LOW

CodeAstro Hospital Management System 1.0 - XSS

CVE-2024-52899 HIGH

IBM Data Virtualization Manager for z/OS 1.1-1.2 - Authenticated Remote Code Execution via JDBC URL Parameter Injection

CVE-2024-11676 LOW

CodeAstro Hospital Management System 1.0 - XSS

CVE-2024-11675 LOW

CodeAstro Hospital Management System 1.0 - XSS

CVE-2024-53554 HIGH

Taiga 8.6.1 - Client-Side Template Injection in New Scrum Project Details

CVE-2024-53268 HIGH

Joplin < 3.0.3 - Remote Code Execution via Unfiltered URI Scheme Handling

CVE-2024-11660 LOW

Farmacia 1.0 - Cross-Site Scripting via usuario.php name Parameter

CVE-2024-11034 HIGH

WooCommerce & Elementor < 1.4 - Unauthenticated Shortcode Execution via fire_contact_form

CVE-2024-51367 CRITICAL

BlackBoard <2.0.0.2 - Code Injection

CVE-2024-11587 LOW

idcCMS 1.60 - Cross-Site Scripting in GetCityOptionJs Function

CVE-2024-52765 CRITICAL

H3C GR-1800AX MiniGRW1B0V100R007 - Remote Code Execution via aspForm Parameter

CVE-2024-11493 LOW

115cms < 2024-08-07 - Cross-Site Scripting via tid Parameter in /index.php/setpage/admin/pageAE.html

CVE-2024-11492 LOW

115cms < 2024-08-07 - Cross-Site Scripting via tid Parameter in Admin Web App URL Add

CVE-2024-11491 LOW

115cms < 2024-08-07 - Cross-Site Scripting via ks Parameter in Admin User Management

CVE-2024-11490 LOW

115cms < 2024-08-07 - Cross-Site Scripting via /index.php/admin/web/set.html Type Parameter

CVE-2024-11489 LOW

115cms < 2024-08-07 - Cross-Site Scripting via ks Parameter in Admin File Management

CVE-2024-11488 LOW

115cms < 2024-08-07 - Cross-Site Scripting via ks Argument in /app/admin/view/web_user.html

CVE-2024-10094 CRITICAL

Pega Platform <24.1.1 - Info Disclosure

Previous Page 97 of 261 Next

Details

Vulnerabilities 6,507

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy