Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-14 | CVE-2023-34252 | Code Injection vulnerability in Getgrav Grav Grav is a flat-file content management system. | 7.2 |
| 2023-06-14 | CVE-2023-1049 | Code Injection vulnerability in Schneider-Electric products A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause execution of malicious code when an unsuspicious user loads a project file from the local filesystem into the HMI. | 7.8 |
| 2023-06-13 | CVE-2023-3224 | Code Injection vulnerability in Nuxt 3.4.0/3.4.1/3.4.2 Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3. | 9.8 |
| 2023-06-13 | CVE-2023-30179 | Code Injection vulnerability in Craftcms Craft CMS 3.7.59 CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). | 7.2 |
| 2023-06-13 | CVE-2023-32546 | Code Injection vulnerability in Chatwork 2.6.43 Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. | 4.4 |
| 2023-06-13 | CVE-2023-25910 | Code Injection vulnerability in Siemens Simatic PCS 7, Simatic S7-Pm and Simatic Step 7 A vulnerability has been identified in SIMATIC PCS 7 (All versions < V9.1 SP2 UC04), SIMATIC S7-PM (All versions < V5.7 SP1 HF1), SIMATIC S7-PM (All versions < V5.7 SP2 HF1), SIMATIC STEP 7 V5 (All versions < V5.7). | 8.8 |
| 2023-06-08 | CVE-2023-29402 | Code Injection vulnerability in multiple products The go command may generate unexpected code at build time when using cgo. | 9.8 |
| 2023-06-08 | CVE-2023-29404 | Code Injection vulnerability in multiple products The go command may execute arbitrary code at build time when using cgo. | 9.8 |
| 2023-06-07 | CVE-2020-36708 | Code Injection vulnerability in multiple products The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4. | 9.8 |
| 2023-05-30 | CVE-2023-32692 | Code Injection vulnerability in Codeigniter CodeIgniter is a PHP full-stack web framework. | 9.8 |