Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-6188 Code Injection vulnerability in Get-Simple Getsimplecms 3.3.16/3.4.0A
A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a.
network
low complexity
get-simple CWE-94
critical
 9.8
9.8
2023-11-16 CVE-2023-6016 Code Injection vulnerability in H2O
An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature.
network
low complexity
h2o CWE-94
critical
 9.8
9.8
2023-11-15 CVE-2023-47444 Code Injection vulnerability in Opencart
An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticated backend users having common/security write privilege can write arbitrary untrusted data inside config.php and admin/config.php, resulting in remote code execution on the underlying server.
network
low complexity
opencart CWE-94
8.8
8.8
2023-11-14 CVE-2023-6131 Code Injection vulnerability in Salesagility Suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-94
8.8
8.8
2023-11-14 CVE-2023-6125 Code Injection vulnerability in Salesagility Suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-94
8.8
8.8
2023-11-14 CVE-2023-6126 Code Injection vulnerability in Salesagility Suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-94
critical
 9.8
9.8
2023-11-09 CVE-2023-5539 Code Injection vulnerability in multiple products
A remote code execution risk was identified in the Lesson activity.
network
low complexity
moodle fedoraproject CWE-94
8.8
8.8
2023-11-09 CVE-2023-5540 Code Injection vulnerability in multiple products
A remote code execution risk was identified in the IMSCP activity.
network
low complexity
moodle fedoraproject CWE-94
8.8
8.8
2023-11-08 CVE-2023-45849 Code Injection vulnerability in Perforce Helix Core
An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2.
network
low complexity
perforce CWE-94
critical
 9.8
9.8
2023-11-08 CVE-2023-47397 Code Injection vulnerability in Webidsupport Webid
WeBid <=1.2.2 is vulnerable to code injection via admin/categoriestrans.php.
network
low complexity
webidsupport CWE-94
critical
 9.8
9.8