Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-09-16 CVE-2024-7104 Code Injection vulnerability in SFS Winsure
Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure allows Code Injection.This issue affects ww.Winsure: before 4.6.2.
network
low complexity
sfs CWE-94
critical
9.8
2024-09-16 CVE-2024-8880 Code Injection vulnerability in Playsms
A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7.
network
low complexity
playsms CWE-94
critical
9.8
2024-09-15 CVE-2024-8864 Code Injection vulnerability in Composio
A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical.
network
low complexity
composio CWE-94
8.8
2024-09-14 CVE-2024-8479 Code Injection vulnerability in Webliberty Simple Spoiler
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3.
network
low complexity
webliberty CWE-94
7.3
2024-09-14 CVE-2024-8271 Code Injection vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1.
network
low complexity
pluginus CWE-94
7.3
2024-09-12 CVE-2024-45846 Code Injection vulnerability in Mindsdb
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server.
network
low complexity
mindsdb CWE-94
8.8
2024-09-12 CVE-2024-45847 Code Injection vulnerability in Mindsdb
An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server.
network
low complexity
mindsdb CWE-94
8.8
2024-09-12 CVE-2024-45848 Code Injection vulnerability in Mindsdb 23.12.4.0/23.12.4.1
An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server.
network
low complexity
mindsdb CWE-94
8.8
2024-09-12 CVE-2024-45849 Code Injection vulnerability in Mindsdb
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server.
network
low complexity
mindsdb CWE-94
8.8
2024-09-12 CVE-2024-45850 Code Injection vulnerability in Mindsdb
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server.
network
low complexity
mindsdb CWE-94
8.8