Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CVEs (6,471)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-8341 2Opensuse Pocoo 2Jinja2 Leap Nov 21, 2024 Feb 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker...Show more An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxingShow less
CVE-2019-7720 1Taogogo 1Taocms Nov 21, 2024 Feb 11, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.
CVE-2019-7719 1Nibbleblog 1Nibbleblog Nov 21, 2024 Feb 11, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.
CVE-2018-20775 1Frog Cms Project 1Frog Cms Nov 21, 2024 Feb 11, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI.
CVE-2018-20773 1Frog Cms Project 1Frog Cms Nov 21, 2024 Feb 11, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines.
CVE-2018-20772 1Frog Cms Project 1Frog Cms Nov 21, 2024 Feb 11, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI.
CVE-2018-20768 1Xerox 29Workcentre 3655 Firmware Workcentre 3655i FirmwareWorkcentre 5845 Firmware+26 more Nov 21, 2024 Feb 10, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute...Show more An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file.Show less
CVE-2019-7692 1Cim Project 1Cim Nov 21, 2024 Feb 10, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs fun...Show more install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder.Show less
CVE-2019-7580 1Thinkcmf 1Thinkcmf Nov 21, 2024 Feb 7, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injectio...Show more ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.Show less
CVE-2018-19002 1Lcds 1Laquis Scada Nov 21, 2024 Feb 5, 2019 N/A· v4 7.8 HIGH· v3 8.3 HIGH· v2 LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash...Show more LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.Show less
CVE-2019-4038 1Ibm 1Security Identity Manager Nov 21, 2024 Feb 4, 2019 N/A· v4 6.2 MEDIUM· v3 4.6 MEDIUM· v2 IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limi...Show more IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IBM X-Force ID: 156162.Show less
CVE-2019-6713 1Thinkcmf 1Thinkcmf Nov 21, 2024 Jan 23, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php...Show more app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php, as demonstrated by a file_put_contents call.Show less
CVE-2018-19011 1Omron 1Cx Supervisor Nov 21, 2024 Jan 22, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.
CVE-2018-20717 1Prestashop 1Prestashop Nov 21, 2024 Jan 15, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject...Show more In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to gain Remote Code Execution. This occurs because protection against serialized objects looks for a 0: followed by an integer, but does not consider 0:+ followed by an integer.Show less
CVE-2017-18356 1Woocommerce 1Woocommerce Nov 21, 2024 Jan 15, 2019 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a...Show more In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WC_Shortcode_Products::get_products() use of cached queries within shortcodes.Show less
CVE-2017-1002152 1Redhat 1Bodhi Nov 21, 2024 Jan 10, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles.
CVE-2018-0461 1Cisco 1Ip Phone 8800 Series Firmware Nov 21, 2024 Jan 10, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote attacker to conduct an arbitrary script injection attack on an affected device. The vulnerability exists because the softw...Show more A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote attacker to conduct an arbitrary script injection attack on an affected device. The vulnerability exists because the software running on an affected device insufficiently validates user-supplied data. An attacker could exploit this vulnerability by persuading a user to click a malicious link provided to the user or through the interface of an affected device. A successful exploit could allow an attacker to execute arbitrary script code in the context of the user interface or access sensitive system-based information, which under normal circumstances should be prohibited.Show less
CVE-2018-16168 1Jpcert 1Logontracer Nov 21, 2024 Jan 9, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
CVE-2016-9651 2Google Redhat 4Chrome Enterprise Linux DesktopEnterprise Linux Server+1 more Nov 21, 2024 Jan 9, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2019-0542 2Redhat Xtermjs 2Openshift Container Platform Xterm.js Nov 21, 2024 Jan 9, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js.

Previous 1...206207208...324 Next