VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Control of Generation of Code ('Code Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-05-15
CVE-2025-3053
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.5.07 via the uip_process_form_input() function.
network
low complexity
CWE-94
8.8
8.8
2025-05-13
CVE-2025-43010
SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function module remotely and replace arbitrary ABAP programs, including SAP standard programs.
network
low complexity
CWE-94
8.3
8.3
2025-05-11
CVE-2025-4551
A vulnerability, which was classified as problematic, was found in ContiNew Admin up to 3.6.0.
network
low complexity
CWE-94
3.5
3.5
2025-05-10
CVE-2025-4495
A vulnerability has been found in JAdmin-JAVA JAdmin 1.0 and classified as problematic.
network
low complexity
CWE-94
3.5
3.5
2025-05-09
CVE-2025-4469
Code Injection vulnerability in Senior-Walter Online Student Clearance System 1.0
A vulnerability classified as problematic has been found in SourceCodester Online Student Clearance System 1.0.
network
low complexity
senior-walter
CWE-94
5.4
5.4
2025-05-09
CVE-2025-4470
Code Injection vulnerability in Senior-Walter Online Student Clearance System 1.0
A vulnerability classified as problematic was found in SourceCodester Online Student Clearance System 1.0.
network
low complexity
senior-walter
CWE-94
5.4
5.4
2025-05-09
CVE-2025-4461
A vulnerability classified as problematic was found in TOTOLINK N150RT 3.4.0-B20190525.
network
low complexity
CWE-94
2.4
2.4
2025-05-09
CVE-2025-4460
A vulnerability classified as problematic has been found in TOTOLINK N150RT 3.4.0-B20190525.
network
low complexity
CWE-94
2.4
2.4
2025-05-08
CVE-2025-4208
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Limited Code Execution in all versions up to, and including, 8.9.1 via the get_table_records function.
network
low complexity
CWE-94
6.3
6.3
2025-05-08
CVE-2024-13793
The Wolmart | Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11.
network
low complexity
CWE-94
7.3
7.3
«
1
(current)
2
3
4
5
...
124
125
»
Next