Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVEs (6,471)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-1150 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Feb 20, 2026 Aug 14, 2019 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected...Show more A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. There are multiple ways an attacker could exploit the vulnerability: In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email or instant message that takes users to the attacker's website, or by opening an attachment sent through email. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability and then convince users to open the document file. The security update addresses the vulnerability by correcting how the Windows font library handles embedded fonts.Show less
CVE-2019-1057 1Microsoft 8Windows 10 Windows 7Windows 8.1+5 more Feb 20, 2026 Aug 14, 2019 N/A· v4 7.5 HIGH· v3 9.3 HIGH· v2 A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take cont...Show more A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to invoke MSXML through a web browser. However, an attacker would have no way to force a user to visit such a website. Instead, an attacker would typically have to convince a user to either click a link in an email message or instant message that would then take the user to the website. When Internet Explorer parses the XML content, an attacker could run malicious code remotely to take control of the user’s system. The update addresses the vulnerability by correcting how the MSXML parser processes user input.Show less
CVE-2019-0343 1Sap 1Commerce Cloud Nov 21, 2024 Aug 14, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection...Show more SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.Show less
CVE-2015-9298 1Pixelite 1Events Manager Nov 21, 2024 Aug 13, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The events-manager plugin before 5.6 for WordPress has code injection.
CVE-2019-14965 1Frappe 1Frappe Nov 21, 2024 Aug 12, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.
CVE-2019-14746 1Kuaifan 1Kuaifancms Nov 21, 2024 Aug 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
CVE-2017-18468 1Cpanel 1Cpanel Nov 21, 2024 Aug 5, 2019 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 cPanel before 62.0.17 allows demo accounts to execute code via the Htaccess::setphppreference API (SEC-232).
CVE-2019-7871 1Magento 1Magento Nov 21, 2024 Aug 2, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections th...Show more A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection.Show less
CVE-2019-9140 1Happypointcard 1Happypoint Nov 21, 2024 Aug 1, 2019 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check Deeplink URL correctly. This could lead to javascript code execution, url redirection, sensitive information disclosure. An...Show more When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check Deeplink URL correctly. This could lead to javascript code execution, url redirection, sensitive information disclosure. An attacker can exploit this issue by enticing an unsuspecting user to open a specific malicious URL.Show less
CVE-2018-20931 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 cPanel before 70.0.23 allows demo accounts to execute code via the Landing Page (SEC-405).
CVE-2019-0193 2Apache Debian 2Debian Linux Solr Oct 27, 2025 Aug 1, 2019 N/A· v4 7.2 HIGH· v3 9.0 HIGH· v2 In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter....Show more In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.Show less
CVE-2018-20896 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 3.9 LOW· v3 3.3 LOW· v2 cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394).
CVE-2019-10182 2Icedtea Web Project Redhat 6Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+3 more Nov 21, 2024 Jul 31, 2019 N/A· v4 6.5 MEDIUM· v3 5.8 MEDIUM· v2 It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to...Show more It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user.Show less
CVE-2019-11201 1Dolibarr 1Dolibarr Erp/crm Nov 21, 2024 Jul 29, 2019 N/A· v4 8.0 HIGH· v3 8.5 HIGH· v2 Dolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code...Show more Dolibarr ERP/CRM 9.0.1 provides a module named website that provides for creation of public websites with a WYSIWYG editor. It was identified that the editor also allowed inclusion of dynamic code, which can lead to code execution on the host machine. An attacker has to check a setting on the same page, which specifies the inclusion of dynamic content. Thus, a lower privileged user of the application can execute code under the context and permissions of the underlying web server.Show less
CVE-2019-14282 1Simple Captcha2 Project 1Simple Captcha2 Nov 21, 2024 Jul 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
CVE-2019-14281 1Datagrid Project 1Datagrid Nov 21, 2024 Jul 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
CVE-2019-10173 2Oracle Xstream 10Banking Platform Business Activity MonitoringCommunications Billing And Revenue Management Elastic Charging Engine+7 more May 14, 2025 Jul 23, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary...Show more It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regression of CVE-2013-7285)Show less
CVE-2019-11552 1Code42 2Code42 For Enterprise Crashplan For Small Business Nov 21, 2024 Jul 19, 2019 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may...Show more Code42 Enterprise and Crashplan for Small Business Client version 6.7 before 6.7.5, 6.8 before 6.8.8, and 6.9 before 6.9.4 allows eval injection. A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user.Show less
CVE-2019-13956 1Codersclub 1Discuz!ml Nov 21, 2024 Jul 18, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random pref...Show more Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used).Show less
CVE-2019-9848 5Canonical DebianFedoraproject+2 more 5Debian Linux FedoraLeap+2 more Nov 21, 2024 Jul 17, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable tu...Show more LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary python commands. By using the document event feature to trigger LibreLogo to execute python contained within a document a malicious document could be constructed which would execute arbitrary python commands silently without warning. In the fixed versions, LibreLogo cannot be called from a document event handler. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5.Show less

Previous 1...203204205...324 Next