Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-26 | CVE-2021-29772 | Code Injection vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input. | 9.8 |
| 2021-08-26 | CVE-2020-19822 | Code Injection vulnerability in Zzcms 2018 A remote code execution (RCE) vulnerability in template_user.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters. | 7.2 |
| 2021-08-25 | CVE-2021-40084 | Code Injection vulnerability in Artixlinux Opensysusers opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. | 9.8 |
| 2021-08-18 | CVE-2020-22120 | Code Injection vulnerability in Txjia Imcat 5.1 A remote code execution (RCE) vulnerability in /root/run/adm.php?admin-ediy&part=exdiy of imcat v5.1 allows authenticated attackers to execute arbitrary code. | 8.8 |
| 2021-08-17 | CVE-2020-22937 | Code Injection vulnerability in Phome Empirecms 7.5 A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file. | 9.8 |
| 2021-08-16 | CVE-2021-32822 | Code Injection vulnerability in HBS Project HBS The npm hbs package is an Express view engine wrapper for Handlebars. | 5.3 |
| 2021-08-11 | CVE-2021-37626 | Code Injection vulnerability in Contao Contao is an open source CMS that allows you to create websites and scalable web applications. | 7.2 |
| 2021-08-11 | CVE-2021-37694 | Code Injection vulnerability in Asyncapi Java-Spring-Cloud-Stream-Template @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. | 7.8 |
| 2021-08-08 | CVE-2021-38196 | Code Injection vulnerability in Better-Macro Project Better-Macro An issue was discovered in the better-macro crate through 2021-07-22 for Rust. | 9.8 |
| 2021-08-04 | CVE-2021-36800 | Code Injection vulnerability in Akaunting Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. | 9.1 |