Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-06 | CVE-2023-36859 | Code Injection vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands. | 9.8 |
| 2023-07-04 | CVE-2023-30990 | Code Injection vulnerability in IBM I IBM i 7.2, 7.3, 7.4, and 7.5 could allow a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. | 9.8 |
| 2023-06-28 | CVE-2023-27866 | Code Injection vulnerability in IBM Informix Jdbc Driver 4.10 IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when driver code or the application using the driver do not verify supplied LDAP URL in Connect String. | 9.8 |
| 2023-06-23 | CVE-2023-35150 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 8.0 |
| 2023-06-23 | CVE-2023-35152 | Code Injection vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 8.8 |
| 2023-06-22 | CVE-2023-35926 | Code Injection vulnerability in Linuxfoundation Backstage Backstage is an open platform for building developer portals. | 9.9 |
| 2023-06-20 | CVE-2020-20918 | Code Injection vulnerability in Pluck-Cms Pluck 4.7.10 An issue discovered in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary php code via the hidden parameter to admin.php when editing a page. | 7.2 |
| 2023-06-19 | CVE-2023-2359 | Code Injection vulnerability in Themepunch Slider Revolution The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations. | 8.8 |
| 2023-06-14 | CVE-2023-34253 | Code Injection vulnerability in Getgrav Grav Grav is a flat-file content management system. | 7.2 |
| 2023-06-14 | CVE-2023-34448 | Code Injection vulnerability in Getgrav Grav Grav is a flat-file content management system. | 7.2 |