Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2022-07-06 CVE-2015-3173 Code Injection vulnerability in Custom Content Type Manager Project Custom Content Type Manager
custom-content-type-manager Wordpress plugin can be used by an administrator to achieve arbitrary PHP remote code execution. 		7.2
7.2
2022-06-29 CVE-2022-2073 Code Injection vulnerability in Getgrav Grav
Code Injection in GitHub repository getgrav/grav prior to 1.7.34.
network
low complexity
getgrav CWE-94
7.2
7.2
2022-06-28 CVE-2021-40553 Code Injection vulnerability in Piwigo 11.5.0
piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor.
network
low complexity
piwigo CWE-94
8.8
8.8
2022-06-27 CVE-2017-20099 Code Injection vulnerability in Analytics Stats Counter Statistics Project Analytics Stats Counter Statistics 1.2.2.5
A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical.
network
low complexity
analytics-stats-counter-statistics-project CWE-94
critical
 9.8
9.8
2022-06-24 CVE-2017-20095 Code Injection vulnerability in Simple ADS Manager Project Simple ADS Manager 2.9.8.125
A vulnerability classified as critical was found in Simple Ads Manager Plugin.
network
low complexity
simple-ads-manager-project CWE-94
critical
 9.8
9.8
2022-06-23 CVE-2017-20086 Code Injection vulnerability in Automattic Vaultpress 1.8.4
A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4.
network
high complexity
automattic CWE-94
7.5
7.5
2022-06-20 CVE-2017-20064 Code Injection vulnerability in Elefantcms Elefant CMS 1.3.12
A vulnerability was found in Elefant CMS 1.3.12-RC.
network
low complexity
elefantcms CWE-94
8.8
8.8
2022-06-16 CVE-2021-41402 Code Injection vulnerability in Flatcore Flatcore-Cms 2.0.8
flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code.
network
low complexity
flatcore CWE-94
8.8
8.8
2022-06-12 CVE-2022-2054 Code Injection vulnerability in Nuitka
Code Injection in GitHub repository nuitka/nuitka prior to 0.9.
local
low complexity
nuitka CWE-94
7.8
7.8
2022-06-12 CVE-2021-41749 Code Injection vulnerability in Nystudio107 Seomatic
In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution.
network
low complexity
nystudio107 CWE-94
critical
 9.8
9.8