Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-19	CVE-2022-28960	Code Injection vulnerability in Spip A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire. network low complexity spip CWE-94	6.5
2022-05-16	CVE-2021-27446	Code Injection vulnerability in Weintek products The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. network low complexity weintek CWE-94 critical	10.0
2022-05-16	CVE-2022-0578	Code Injection vulnerability in Publify Project Publify Code Injection in GitHub repository publify/publify prior to 9.2.8. network low complexity publify-project CWE-94	6.4
2022-05-12	CVE-2022-29307	Code Injection vulnerability in Ionizecms Ionize 1.0.8.1 IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. network low complexity ionizecms CWE-94	7.5
2022-05-11	CVE-2021-42651	Code Injection vulnerability in Pentest Collaboration Framework Project Pentest Collaboration Framework 1.0.8 A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. network low complexity pentest-collaboration-framework-project CWE-94	6.5
2022-05-10	CVE-2022-29115	Code Injection vulnerability in Microsoft products Windows Fax Service Remote Code Execution Vulnerability. network microsoft CWE-94	6.8
2022-05-06	CVE-2022-24817	Code Injection vulnerability in Fluxcd Kustomize-Controller Flux2 is an open and extensible continuous delivery solution for Kubernetes. network low complexity fluxcd CWE-94	6.5
2022-05-04	CVE-2022-28096	Code Injection vulnerability in Skycaiji 2.4 Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php. network low complexity skycaiji CWE-94	6.5
2022-04-28	CVE-2022-29813	Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible local low complexity jetbrains CWE-94	4.6
2022-04-28	CVE-2022-29814	Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible local jetbrains CWE-94	4.4