Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2023-43449 | Code Injection vulnerability in Hummerrisk An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenticated attacker to execute arbitrary code via a crafted request to the service/LicenseService component. | 8.8 |
| 2024-01-16 | CVE-2023-51282 | Code Injection vulnerability in Mingsoft Mcms 5.2.4 An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter. | 7.5 |
| 2024-01-13 | CVE-2023-51066 | Code Injection vulnerability in Qstar Archive Storage Manager 30 An authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows attackers to arbitrarily execute commands. | 8.8 |
| 2024-01-08 | CVE-2024-21650 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 9.8 |
| 2024-01-08 | CVE-2023-7224 | Code Injection vulnerability in Openvpn Connect OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable | 7.8 |
| 2024-01-03 | CVE-2023-41783 | Code Injection vulnerability in ZTE Zxcloud Irai There is a command injection vulnerability of ZTE's ZXCLOUD iRAI. | 7.8 |
| 2024-01-02 | CVE-2024-0195 | Code Injection vulnerability in Ssssssss Spider-Flow 0.4.3 A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. | 9.8 |
| 2023-12-30 | CVE-2023-41544 | Code Injection vulnerability in Jeecg Boot SSTI injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to execute arbitrary code via crafted HTTP request to the /jmreport/loadTableData component. | 9.8 |
| 2023-12-29 | CVE-2023-40606 | Code Injection vulnerability in Kanbanwp Kanban Boards for Wordpress Improper Control of Generation of Code ('Code Injection') vulnerability in Kanban for WordPress Kanban Boards for WordPress.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. | 7.2 |
| 2023-12-28 | CVE-2023-46987 | Code Injection vulnerability in Seacms 12.9 SeaCMS v12.9 was discovered to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php. | 8.8 |