Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-44623 | Code Injection vulnerability in SPX Graphics Controller An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. | 9.8 |
| 2024-09-16 | CVE-2024-7104 | Code Injection vulnerability in SFS Winsure Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2. | 9.8 |
| 2024-09-16 | CVE-2024-8880 | Code Injection vulnerability in Playsms A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7. | 9.8 |
| 2024-09-15 | CVE-2024-8864 | Code Injection vulnerability in Composio A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical. | 8.8 |
| 2024-09-14 | CVE-2024-8479 | Code Injection vulnerability in Webliberty Simple Spoiler The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. | 7.3 |
| 2024-09-14 | CVE-2024-8271 | Code Injection vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. | 7.3 |
| 2024-09-12 | CVE-2024-45846 | Code Injection vulnerability in Mindsdb An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. | 8.8 |
| 2024-09-12 | CVE-2024-45847 | Code Injection vulnerability in Mindsdb An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. | 8.8 |
| 2024-09-12 | CVE-2024-45848 | Code Injection vulnerability in Mindsdb 23.12.4.0/23.12.4.1 An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. | 8.8 |
| 2024-09-12 | CVE-2024-45849 | Code Injection vulnerability in Mindsdb An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. | 8.8 |