Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-27 | CVE-2017-20099 | Code Injection vulnerability in Analytics Stats Counter Statistics Project Analytics Stats Counter Statistics 1.2.2.5 A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. | 9.8 |
| 2022-06-24 | CVE-2017-20095 | Code Injection vulnerability in Simple ADS Manager Project Simple ADS Manager 2.9.8.125 A vulnerability classified as critical was found in Simple Ads Manager Plugin. | 9.8 |
| 2022-06-23 | CVE-2017-20086 | Code Injection vulnerability in Automattic Vaultpress 1.8.4 A vulnerability, which was classified as critical, was found in VaultPress Plugin 1.8.4. | 7.5 |
| 2022-06-20 | CVE-2017-20064 | Code Injection vulnerability in Elefantcms Elefant CMS 1.3.12 A vulnerability was found in Elefant CMS 1.3.12-RC. | 8.8 |
| 2022-06-16 | CVE-2021-41402 | Code Injection vulnerability in Flatcore Flatcore-Cms 2.0.8 flatCore-CMS v2.0.8 has a code execution vulnerability, which could let a remote malicious user execute arbitrary PHP code. | 8.8 |
| 2022-06-12 | CVE-2021-41749 | Code Injection vulnerability in Nystudio107 Seomatic In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side Template Injection, allowing for remote code execution. | 9.8 |
| 2022-06-10 | CVE-2022-24429 | Code Injection vulnerability in Convert-Svg-Core Project Convert-Svg-Core The package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. | 7.8 |
| 2022-06-09 | CVE-2022-2014 | Code Injection vulnerability in Diagrams Drawio Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. | 5.4 |
| 2022-06-08 | CVE-2022-21122 | Code Injection vulnerability in Metarhia Metacalc 0.0.1 The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript's Math class to the v8 context. | 9.8 |
| 2022-05-26 | CVE-2022-21831 | Code Injection vulnerability in multiple products A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments. | 9.8 |