Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-31 | CVE-2006-4695 | Code Injection vulnerability in Microsoft Office web Components 2000 Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability." | 9.3 |
| 2006-12-27 | CVE-2006-6760 | Code Injection vulnerability in PHPmymanga Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) actionsPage or (2) formPage parameter. | 7.5 |
| 2006-12-27 | CVE-2006-6748 | Code Injection vulnerability in Newxooper PHP remote file inclusion vulnerability in i-accueil.php in Newxooper 0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | 7.5 |
| 2006-12-26 | CVE-2006-6739 | Code Injection vulnerability in Paristemi 0.8.3 PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689. | 7.5 |
| 2006-12-26 | CVE-2006-6738 | Code Injection vulnerability in Cwm-Design Cwmcounter PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 6.8 |
| 2006-12-26 | CVE-2006-6732 | Code Injection vulnerability in Cwm-Design Cwmvote 1.0 PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter. | 6.8 |
| 2006-12-26 | CVE-2006-6727 | Code Injection vulnerability in Inertianews PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | 7.5 |
| 2006-12-26 | CVE-2006-6726 | Code Injection vulnerability in Inertianews 0.02 PHP remote file inclusion vulnerability in inertianews_main.php in inertianews 0.02 beta allows remote attackers to execute arbitrary PHP code via a URL in the inews_path parameter. | 7.5 |
| 2006-12-23 | CVE-2006-6720 | Code Injection vulnerability in Azucar CMS Azucar CMS 1.3 PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the _VIEW parameter. | 7.5 |
| 2006-12-23 | CVE-2006-6710 | Code Injection vulnerability in Matteolucarelli Pgmreloaded Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to (c) form_header.php. | 7.5 |