Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-22 | CVE-2018-18573 | Code Injection vulnerability in Oscommerce 2.3.4.1 osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. | 7.2 |
| 2019-08-22 | CVE-2019-15318 | Code Injection vulnerability in Yikesinc Easy Forms for Mailchimp The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPress has code injection via the admin input field. | 9.8 |
| 2019-08-19 | CVE-2019-15224 | Code Injection vulnerability in Rest-Client Project Rest-Client The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | 9.8 |
| 2019-08-14 | CVE-2019-0343 | Code Injection vulnerability in SAP Commerce Cloud SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. | 8.8 |
| 2019-08-13 | CVE-2015-9298 | Code Injection vulnerability in Pixelite Events Manager The events-manager plugin before 5.6 for WordPress has code injection. | 9.8 |
| 2019-08-12 | CVE-2019-14965 | Code Injection vulnerability in Frappe An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. | 9.8 |
| 2019-08-07 | CVE-2019-14746 | Code Injection vulnerability in Kuaifan Kuaifancms 5.0 A issue was discovered in KuaiFanCMS 5.0. | 9.8 |
| 2019-08-05 | CVE-2017-18468 | Code Injection vulnerability in Cpanel cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232). | 6.3 |
| 2019-08-02 | CVE-2019-7871 | Code Injection vulnerability in Magento A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. | 8.8 |
| 2019-08-01 | CVE-2018-20931 | Code Injection vulnerability in Cpanel cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405). | 6.3 |