Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-11546 | Code Injection vulnerability in Superwebmailer SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. | 9.8 |
| 2020-07-10 | CVE-2020-8194 | Code Injection vulnerability in Citrix products Reflected code injection in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows the modification of a file download. | 6.5 |
| 2020-07-02 | CVE-2020-8163 | Code Injection vulnerability in multiple products The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE. | 8.8 |
| 2020-06-26 | CVE-2020-15348 | Code Injection vulnerability in Zyxel Cloud CNM Secumanager 3.1.0/3.1.1 Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code. | 9.8 |
| 2020-06-19 | CVE-2016-11064 | Code Injection vulnerability in Mattermost Desktop An issue was discovered in Mattermost Desktop App before 3.4.0. | 9.8 |
| 2020-06-11 | CVE-2020-5593 | Code Injection vulnerability in Zenphoto Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. | 8.8 |
| 2020-06-10 | CVE-2020-7675 | Code Injection vulnerability in Cd-Messenger Project Cd-Messenger cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. | 9.8 |
| 2020-06-10 | CVE-2020-7674 | Code Injection vulnerability in Access-Policy Project Access-Policy 3.0.0/3.1.0 access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. | 9.8 |
| 2020-06-10 | CVE-2020-7673 | Code Injection vulnerability in Node-Extend Project Node-Extend node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. | 9.8 |
| 2020-06-10 | CVE-2020-7672 | Code Injection vulnerability in Mosc Project Mosc 1.0.0 mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. | 8.6 |