Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2021-24453 | The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore potentially a full compromise of the underlying structure | 0.0 |
| 2021-07-14 | CVE-2021-33678 | Code Injection vulnerability in SAP Netweaver AS Abap A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75B, 75C, 75D, 75E, 75F, allows a high privileged attacker to inject code that can be executed by the application. | 7.5 |
| 2021-07-12 | CVE-2021-23389 | Code Injection vulnerability in Totaljs Total.Js The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. | 7.5 |
| 2021-07-12 | CVE-2021-23390 | Code Injection vulnerability in Totaljs Total4 The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. | 7.5 |
| 2021-07-08 | CVE-2021-1585 | Code Injection vulnerability in Cisco Adaptive Security Device Manager A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. | 9.3 |
| 2021-06-30 | CVE-2021-27903 | Code Injection vulnerability in Craftcms Craft CMS An issue was discovered in Craft CMS before 3.6.7. | 7.5 |
| 2021-06-28 | CVE-2021-35514 | Code Injection vulnerability in Narou Project Narou Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel. | 7.5 |
| 2021-06-25 | CVE-2021-25654 | Code Injection vulnerability in Avaya Aura Device Services An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. | 4.6 |
| 2021-06-24 | CVE-2020-21784 | Code Injection vulnerability in PHPwcms 1.9.13 phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php. | 7.5 |
| 2021-06-17 | CVE-2020-25414 | Code Injection vulnerability in Monstra 3.0.4 A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. | 7.5 |