Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-08 | CVE-2019-0247 | Code Injection vulnerability in SAP Cloud Connector SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. | 9.8 |
| 2019-01-03 | CVE-2019-3575 | Code Injection vulnerability in Sqla Yaml Fixtures Project Sqla Yaml Fixtures 0.9.1 Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load. | 7.8 |
| 2018-12-30 | CVE-2018-20605 | Code Injection vulnerability in Txjia Imcat 4.4 imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file. | 9.8 |
| 2018-12-30 | CVE-2018-20599 | Code Injection vulnerability in Ucms Project Ucms 1.4.7 UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action. | 8.8 |
| 2018-12-24 | CVE-2018-7801 | Code Injection vulnerability in Schneider-Electric Evlink Parking Firmware 3.1.133/3.2.012 A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable access with maximum privileges when a remote code execution is performed. | 8.8 |
| 2018-12-21 | CVE-2018-20325 | Code Injection vulnerability in Definitions Project Definitions There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner definitions package for Python. | 9.8 |
| 2018-12-20 | CVE-2018-1000881 | Code Injection vulnerability in Traccar Server Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. | 9.8 |
| 2018-12-20 | CVE-2018-20300 | Code Injection vulnerability in Phome Empirecms 7.5 Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file. | 9.8 |
| 2018-12-17 | CVE-2018-20133 | Code Injection vulnerability in Ymlref Project Ymlref ymlref allows code injection. | 9.8 |
| 2018-12-17 | CVE-2018-20027 | Code Injection vulnerability in Lisa-Lab Pylearn2 The yaml_parse.load method in Pylearn2 allows code injection. | 9.8 |