Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2021-32924 Code Injection vulnerability in Invisioncommunity IPS Community Suite
Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock method interacts unsafely with the IPS\_Theme::runProcessFunction method.
network
low complexity
invisioncommunity CWE-94
8.8
2021-05-29 CVE-2021-30461 Code Injection vulnerability in Voipmonitor
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61.
network
low complexity
voipmonitor CWE-94
critical
9.8
2021-05-24 CVE-2020-28905 Code Injection vulnerability in Nagios Fusion
Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an authenticated attacker to execute remote code via table pagination.
network
low complexity
nagios CWE-94
8.8
2021-05-21 CVE-2021-27811 Code Injection vulnerability in Qibosoft 1.0
A code injection vulnerability has been discovered in the Upgrade function of QibosoftX1 v1.0.
network
low complexity
qibosoft CWE-94
7.2
2021-05-14 CVE-2021-32817 Code Injection vulnerability in Express Handlebars Project Express Handlebars
express-hbs is an Express handlebars template engine.
network
high complexity
express-handlebars-project CWE-94
6.8
2021-05-14 CVE-2021-32820 Code Injection vulnerability in Express Handlebars Project Express Handlebars
Express-handlebars is a Handlebars view engine for Express.
network
low complexity
express-handlebars-project CWE-94
8.6
2021-05-11 CVE-2021-27611 Code Injection vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver AS ABAP versions 700, 701, 702, 730 and 731 allow a highly privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system.
local
low complexity
sap CWE-94
6.7
2021-05-10 CVE-2021-29502 Code Injection vulnerability in Warnsystem Project Warnsystem
WarnSystem is a cog (plugin) for the Red discord bot.
network
low complexity
warnsystem-project CWE-94
6.5
2021-04-23 CVE-2021-22205 Code Injection vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9.
network
low complexity
gitlab CWE-94
critical
10.0
2021-04-23 CVE-2021-22204 Code Injection vulnerability in multiple products
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing a malicious image.
7.8