Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-40084 | Code Injection vulnerability in Artixlinux Opensysusers opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. | 9.8 |
| 2021-08-18 | CVE-2020-22120 | Code Injection vulnerability in Txjia Imcat 5.1 A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code. | 8.8 |
| 2021-08-17 | CVE-2020-22937 | Code Injection vulnerability in Phome Empirecms 7.5 A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file. | 9.8 |
| 2021-08-16 | CVE-2021-32822 | Code Injection vulnerability in HBS Project HBS The npm hbs package is an Express view engine wrapper for Handlebars. | 5.3 |
| 2021-08-11 | CVE-2021-37626 | Code Injection vulnerability in Contao Contao is an open source CMS that allows you to create websites and scalable web applications. | 7.2 |
| 2021-08-11 | CVE-2021-37694 | Code Injection vulnerability in Asyncapi Java-Spring-Cloud-Stream-Template @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. | 7.8 |
| 2021-08-08 | CVE-2021-38196 | Code Injection vulnerability in Better-Macro Project Better-Macro An issue was discovered in the better-macro crate through 2021-07-22 for Rust. | 9.8 |
| 2021-08-04 | CVE-2021-36800 | Code Injection vulnerability in Akaunting Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. | 9.1 |
| 2021-08-03 | CVE-2021-31630 | Code Injection vulnerability in Openplcproject Openplc V3 Firmware Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application. | 8.8 |
| 2021-08-02 | CVE-2021-24430 | Code Injection vulnerability in Optimocha Speed Booster Pack The Speed Booster Pack ? PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE | 7.2 |