Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-19 | CVE-2022-28960 | Code Injection vulnerability in Spip A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire. | 6.5 |
2022-05-16 | CVE-2021-27446 | Code Injection vulnerability in Weintek products The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. | 10.0 |
2022-05-16 | CVE-2022-0578 | Code Injection vulnerability in Publify Project Publify Code Injection in GitHub repository publify/publify prior to 9.2.8. | 6.4 |
2022-05-12 | CVE-2022-29307 | Code Injection vulnerability in Ionizecms Ionize 1.0.8.1 IonizeCMS v1.0.8.1 was discovered to contain a command injection vulnerability via the function copy_lang_content in application/models/lang_model.php. | 7.5 |
2022-05-11 | CVE-2021-42651 | Code Injection vulnerability in Pentest Collaboration Framework Project Pentest Collaboration Framework 1.0.8 A Server Side Template Injection (SSTI) vulnerability in Pentest-Collaboration-Framework v1.0.8 allows an authenticated remote attacker to execute arbitrary code through /project/PROJECTNAME/reports/. | 6.5 |
2022-05-10 | CVE-2022-29115 | Code Injection vulnerability in Microsoft products Windows Fax Service Remote Code Execution Vulnerability. | 6.8 |
2022-05-06 | CVE-2022-24817 | Code Injection vulnerability in Fluxcd Kustomize-Controller Flux2 is an open and extensible continuous delivery solution for Kubernetes. | 6.5 |
2022-05-04 | CVE-2022-28096 | Code Injection vulnerability in Skycaiji 2.4 Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php. | 6.5 |
2022-04-28 | CVE-2022-29813 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | 4.6 |
2022-04-28 | CVE-2022-29814 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | 4.4 |