Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE CVE VULNERABILITY TITLE RISK
2024-08-17 CVE-2024-7899 Code Injection vulnerability in Innocms 0.3.1
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1.
network
low complexity
innocms CWE-94
7.2
2024-08-12 CVE-2024-22116 Code Injection vulnerability in Zabbix
An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section.
network
low complexity
zabbix CWE-94
7.2
2024-08-12 CVE-2024-22123 Code Injection vulnerability in Zabbix
Setting SMS media allows to set GSM modem file.
network
low complexity
zabbix CWE-94
2.7
2024-08-08 CVE-2024-37382 Code Injection vulnerability in Abinitio Authorization Gateway and Metadata HUB
An issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway before 4.3.1.1 allows attackers to run arbitrary code via crafted modification of server configuration.
network
low complexity
abinitio CWE-94
7.2
2024-08-08 CVE-2024-42355 Code Injection vulnerability in Shopware
Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag.
network
low complexity
shopware CWE-94
critical
9.8
2024-08-08 CVE-2024-42356 Code Injection vulnerability in Shopware
Shopware is an open commerce platform.
network
low complexity
shopware CWE-94
7.2
2024-08-08 CVE-2024-3958 Code Injection vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2.
network
low complexity
gitlab CWE-94
6.5
2024-08-08 CVE-2024-6891 Code Injection vulnerability in Journyx 11.5.4
Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow.
network
low complexity
journyx CWE-94
8.8
2024-08-05 CVE-2024-34344 Code Injection vulnerability in Nuxt
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js.
network
low complexity
nuxt CWE-94
8.8
2024-08-02 CVE-2024-41127 Code Injection vulnerability in Monkeytype
Monkeytype is a minimalistic and customizable typing test.
network
low complexity
monkeytype CWE-94
critical
9.6