Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-14 | CVE-2022-23503 | Code Injection vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 8.8 |
| 2022-12-13 | CVE-2022-41264 | Code Injection vulnerability in SAP Basis Due to the unrestricted scope of the RFC function module, SAP BASIS - versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. | 8.8 |
| 2022-12-09 | CVE-2022-46157 | Code Injection vulnerability in Akeneo Product Information Management Akeneo PIM is an open source Product Information Management (PIM). | 8.8 |
| 2022-12-09 | CVE-2022-46166 | Code Injection vulnerability in Codecentric Spring Boot Admin 3.0.0 Spring boot admins is an open source administrative user interface for management of spring boot applications. | 9.8 |
| 2022-12-07 | CVE-2022-46742 | Code Injection vulnerability in Paddlepaddle 2.4.0 Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution. | 9.8 |
| 2022-12-07 | CVE-2022-43660 | Code Injection vulnerability in Sixapart Movable Type Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. | 7.2 |
| 2022-12-06 | CVE-2022-42699 | Code Injection vulnerability in Wp-Ecommerce Easy WP Smtp Auth. | 8.8 |
| 2022-12-06 | CVE-2022-46333 | Code Injection vulnerability in Proofpoint Enterprise Protection The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. | 7.2 |
| 2022-12-06 | CVE-2022-4300 | Code Injection vulnerability in Xjd2020 Fastcms A vulnerability was found in FastCMS. | 8.8 |
| 2022-12-01 | CVE-2022-3696 | Code Injection vulnerability in Sophos XG Firewall Firmware 17.0/17.5/18.0 A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA. | 7.2 |