Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2020-22937 Code Injection vulnerability in Phome Empirecms 7.5
A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file.
network
low complexity
phome CWE-94
critical
9.8
2021-08-16 CVE-2021-32822 Code Injection vulnerability in HBS Project HBS
The npm hbs package is an Express view engine wrapper for Handlebars.
network
low complexity
hbs-project CWE-94
5.3
2021-08-11 CVE-2021-37626 Code Injection vulnerability in Contao
Contao is an open source CMS that allows you to create websites and scalable web applications.
network
low complexity
contao CWE-94
7.2
2021-08-11 CVE-2021-37694 Code Injection vulnerability in Asyncapi Java-Spring-Cloud-Stream-Template
@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice.
local
low complexity
asyncapi CWE-94
7.8
2021-08-08 CVE-2021-38196 Code Injection vulnerability in Better-Macro Project Better-Macro
An issue was discovered in the better-macro crate through 2021-07-22 for Rust.
network
low complexity
better-macro-project CWE-94
critical
9.8
2021-08-04 CVE-2021-36800 Code Injection vulnerability in Akaunting
Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application.
network
low complexity
akaunting CWE-94
critical
9.1
2021-08-03 CVE-2021-31630 Code Injection vulnerability in Openplcproject Openplc V3 Firmware
Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application.
network
low complexity
openplcproject CWE-94
8.8
2021-08-02 CVE-2021-24430 Code Injection vulnerability in Optimocha Speed Booster Pack
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE.
network
low complexity
optimocha CWE-94
7.2
2021-08-02 CVE-2017-18113 Code Injection vulnerability in Atlassian Data Center and Jira
The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution (RCE) vulnerability.
network
low complexity
atlassian CWE-94
8.8
2021-07-26 CVE-2020-18172 Code Injection vulnerability in Trezor Bridge 2.0.27
A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges.
network
low complexity
trezor CWE-94
critical
9.8