Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-04-15 CVE-2024-3784 Code Injection vulnerability in Whitebearsolutions Wbsairback 21.02.04
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts).
network
low complexity
whitebearsolutions CWE-94
6.6
6.6
2024-04-10 CVE-2024-31996 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
critical
 9.8
9.8
2024-04-10 CVE-2024-31465 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
8.8
8.8
2024-04-10 CVE-2024-31982 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
critical
 9.8
9.8
2024-04-10 CVE-2024-31984 Code Injection vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-94
8.8
8.8
2024-04-09 CVE-2023-47542 Code Injection vulnerability in Fortinet Fortimanager
A improper neutralization of special elements used in a template engine [CWE-1336] in FortiManager versions 7.4.1 and below, versions 7.2.4 and below, and 7.0.10 and below allows attacker to execute unauthorized code or commands via specially crafted templates.
local
low complexity
fortinet CWE-94
6.7
6.7
2024-03-29 CVE-2024-29201 Code Injection vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host and an operation and maintenance security audit system.
network
low complexity
fit2cloud CWE-94
critical
 9.9
9.9
2024-03-29 CVE-2024-29202 Code Injection vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host and an operation and maintenance security audit system.
network
low complexity
fit2cloud CWE-94
critical
 9.9
9.9
2024-03-21 CVE-2024-28116 Code Injection vulnerability in Getgrav Grav
Grav is an open-source, flat-file content management system.
network
low complexity
getgrav CWE-94
8.8
8.8
2024-03-21 CVE-2024-28117 Code Injection vulnerability in Getgrav Grav
Grav is an open-source, flat-file content management system.
network
low complexity
getgrav CWE-94
8.8
8.8