Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-01 | CVE-2019-10684 | Code Injection vulnerability in 74Cms 5.0.1 Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter. | 9.8 |
| 2019-03-29 | CVE-2017-18108 | Code Injection vulnerability in Atlassian Crowd The administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection. | 7.2 |
| 2019-03-27 | CVE-2018-19641 | Code Injection vulnerability in Microfocus Solutions Business Manager Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 9.8 |
| 2019-03-26 | CVE-2014-5401 | Code Injection vulnerability in Hospira Mednet 5.8 Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. | 9.8 |
| 2019-03-25 | CVE-2019-7609 | Code Injection vulnerability in multiple products Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. | 10.0 |
| 2019-03-24 | CVE-2019-10015 | Code Injection vulnerability in Baigo SSO 3.0.1 baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file. | 7.2 |
| 2019-03-11 | CVE-2019-9651 | Code Injection vulnerability in Sdcms 1.7 An issue was discovered in SDCMS V1.7. | 9.8 |
| 2019-03-07 | CVE-2013-7468 | Code Injection vulnerability in Simplemachines Simple Machines Forum 2.0.4 Simple Machines Forum (SMF) 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter. | 8.1 |
| 2019-02-28 | CVE-2019-9227 | Code Injection vulnerability in Baigo CMS 2.1.1 An issue was discovered in baigo CMS 2.1.1. | 9.8 |
| 2019-02-25 | CVE-2019-9115 | Code Injection vulnerability in Irisnet Irisnet-Crypto In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file allows code execution because of unsafe eval usage. | 9.8 |