Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-25 | CVE-2019-9115 | Code Injection vulnerability in Irisnet Irisnet-Crypto In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file allows code execution because of unsafe eval usage. | 9.8 |
| 2019-02-18 | CVE-2018-3700 | Code Injection vulnerability in Intel USB 3.0 Extensible Host Controller Driver 5.0.4.42/5.0.4.43 Code injection vulnerability in the installer for Intel(R) USB 3.0 eXtensible Host Controller Driver for Microsoft Windows 7 before version 5.0.4.43v2 may allow a user to potentially enable escalation of privilege via local access. | 6.7 |
| 2019-02-15 | CVE-2019-8341 | Code Injection vulnerability in multiple products An issue was discovered in Jinja2 2.10. | 9.8 |
| 2019-02-11 | CVE-2019-7720 | Code Injection vulnerability in Taogogo Taocms taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. | 9.8 |
| 2019-02-11 | CVE-2019-7719 | Code Injection vulnerability in Nibbleblog 4.0.5 Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request. | 9.8 |
| 2019-02-11 | CVE-2018-20775 | Code Injection vulnerability in Frog CMS Project Frog CMS 0.9.5 admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI. | 7.2 |
| 2019-02-11 | CVE-2018-20773 | Code Injection vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines. | 7.2 |
| 2019-02-11 | CVE-2018-20772 | Code Injection vulnerability in Frog CMS Project Frog CMS 0.9.5 Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI. | 7.2 |
| 2019-02-10 | CVE-2018-20768 | Code Injection vulnerability in Xerox products An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. | 9.8 |
| 2019-02-10 | CVE-2019-7692 | Code Injection vulnerability in CIM Project CIM 0.9.3 install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder. | 9.8 |