Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-03 | CVE-2024-8374 | Code Injection vulnerability in Ultimaker Cura UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader (/plugins/ThreeMFReader.py). | 7.8 |
| 2024-08-29 | CVE-2024-41361 | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\manageFilesFolders.php | 9.8 |
| 2024-08-29 | CVE-2024-41364 | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.php | 9.8 |
| 2024-08-29 | CVE-2024-41366 | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\userScripts.php | 9.8 |
| 2024-08-29 | CVE-2024-41367 | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.php | 9.8 |
| 2024-08-29 | CVE-2024-41368 | Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.php | 9.8 |
| 2024-08-29 | CVE-2024-43922 | Code Injection vulnerability in Nitropack Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. | 9.8 |
| 2024-08-23 | CVE-2024-5466 | Code Injection vulnerability in multiple products Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option. | 8.8 |
| 2024-08-21 | CVE-2024-6386 | Code Injection vulnerability in Wpml The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via the Twig Server-Side Template Injection. | 8.8 |
| 2024-08-21 | CVE-2024-40453 | Code Injection vulnerability in Squirrelly 9.0.0 squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName. | 9.8 |