Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVEs (6,471)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-29492 13rdmill 1Novi Survey Oct 27, 2025 Apr 11, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.
CVE-2023-27897 1Sap 1Customer Relationship Management Nov 21, 2024 Apr 11, 2023 N/A· v4 6.3 MEDIUM· v3 N/A· v2 In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function...Show more In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform. Depending on the function executed, the attack can can have limited impact on confidentiality and integrity of non-critical user or application data and application availability. Show less
CVE-2023-27650 1Apusapps 1Launcher Feb 11, 2025 Apr 10, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.
CVE-2023-1947 1Taogogo 1Taocms Nov 21, 2024 Apr 7, 2023 N/A· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack r...Show more A vulnerability was found in taoCMS 3.0.2. It has been classified as critical. Affected is an unknown function of the file /admin/admin.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225330 is the identifier assigned to this vulnerability.Show less
CVE-2023-28706 1Apache 1Airflow Hive Provider Nov 21, 2024 Apr 7, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 6.0.0.
CVE-2023-26817 1Pgyer 1Codefever Feb 12, 2025 Apr 7, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 codefever before 2023.2.7-commit-b1c2e7f was discovered to contain a remote code execution (RCE) vulnerability via the component /controllers/api/user.php.
CVE-2023-24538 1Golang 1Go Feb 12, 2025 Apr 6, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action w...Show more Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. "var a = {{.}}"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.Show less
CVE-2023-1708 1Gitlab 1Gitlab Feb 10, 2025 Apr 5, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected com...Show more An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9 prior to 15.9.4, and 15.10 prior to 15.10.1 where non-printable characters gets copied from clipboard, allowing unexpected commands to be executed on victim machine.Show less
CVE-2023-27770 1Wondershare 1Edraw Max Feb 13, 2025 Apr 4, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 allows a remote attacker to execute arbitrary commands via the edraw-max_setup_full5371.exe file.
CVE-2022-43938 1Hitachi 1Vantara Pentaho Business Analytics Server Nov 21, 2024 Apr 3, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports (.prpt) through the JVM...Show more Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports (.prpt) through the JVM script manager. Show less
CVE-2022-3960 1Hitachi 1Vantara Pentaho Business Analytics Server Nov 21, 2024 Apr 3, 2023 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of the Community Dashboard Editor (CDE) plug...Show more Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of the Community Dashboard Editor (CDE) plugin. Show less
CVE-2022-43769 1Hitachi 1Vantara Pentaho Business Analytics Server Oct 24, 2025 Apr 3, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
CVE-2023-26119 1Htmlunit 1Htmlunit Nov 21, 2024 Apr 3, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage.
CVE-2023-1773 1Rockoa 1Rockoa Nov 21, 2024 Mar 31, 2023 N/A· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability affects unknown code of the file webmainConfig.php of the component Configuration File Handler. The manipulation leads to co...Show more A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability affects unknown code of the file webmainConfig.php of the component Configuration File Handler. The manipulation leads to code injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-224674 is the identifier assigned to this vulnerability.Show less
CVE-2023-25261 1Stimulsoft 2Designer Viewer Feb 19, 2025 Mar 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the loca...Show more Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include source code which reads or writes local directories and files. It is also possible for the attacker to prepare a report which has a variable that holds the gathered data and render it in the report.Show less
CVE-2023-24835 1Softnext 1Spam Sqr Nov 21, 2024 Mar 27, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific function. An authenticated remote attacker with administrator privilege can exploit this vulnerability to execute arbitrary...Show more Softnext Technologies Corp.’s SPAM SQR has a vulnerability of Code Injection within its specific function. An authenticated remote attacker with administrator privilege can exploit this vulnerability to execute arbitrary system command to perform arbitrary system operation or disrupt service.Show less
CVE-2022-38745 1Apache 1Openoffice Feb 13, 2025 Mar 24, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
CVE-2023-28333 2Fedoraproject Moodle 2Fedora Moodle Nov 21, 2024 Mar 23, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
CVE-2023-24709 1Paradox 1Ipr512 Firmware Feb 28, 2025 Mar 21, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters.
CVE-2023-1306 1Rapid7 2Insightappsec Insightcloudsec Feb 26, 2025 Mar 21, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deplo...Show more An authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec. Show less

Previous 1...170171172...324 Next