Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-30145 | Code Injection vulnerability in Tuzitio Camaleon CMS Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter. | 9.8 |
| 2023-05-23 | CVE-2023-25953 | Code Injection vulnerability in Worksmobile Drive Explorer 3.5.4 Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. | 9.8 |
| 2023-05-12 | CVE-2023-30130 | Code Injection vulnerability in Craftcms Craft CMS 3.8.1 An issue found in CraftCMS v.3.8.1 allows a remote attacker to execute arbitrary code via a crafted script to the Section parameter. | 8.8 |
| 2023-05-04 | CVE-2023-31414 | Code Injection vulnerability in Elastic Kibana Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. | 8.8 |
| 2023-05-04 | CVE-2023-31415 | Code Injection vulnerability in Elastic Kibana 8.7.0 Kibana version 8.7.0 contains an arbitrary code execution flaw. | 8.8 |
| 2023-05-03 | CVE-2023-1178 | Code Injection vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. | 5.7 |
| 2023-04-28 | CVE-2023-26782 | Code Injection vulnerability in Chshcms Mccms 2.6.1 An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via Backend management interface ->System Configuration->Cache Configuration->Cache security characters. | 6.5 |
| 2023-04-24 | CVE-2023-2259 | Code Injection vulnerability in ALF Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304. | 7.2 |
| 2023-04-24 | CVE-2023-26060 | Code Injection vulnerability in Nokia Netact 18A An issue was discovered in Nokia NetAct before 22 FP2211. | 8.8 |
| 2023-04-21 | CVE-2022-36963 | Code Injection vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Command Injection Vulnerability. | 7.2 |