400 matches found

ATTACKERKB
added 2024/06/24 9:15 a.m. · 3 views

CVE-2024-5683

Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...

9.8 CVSS · 5.8 AI score · 0.00191 EPSS
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2024/06/24 12:0 a.m. · 3 views

PT-2024-27397 · Unknown · Instawp Connect

Name of the Vulnerable Software and Affected Versions: InstaWP Connect versions 0.1.0.38 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows Code Injection. Recommendations: For InstaWP Connect versions 0.1.0.38 a...

10 CVSS · 7 AI score · 0.00991 EPSS
Exploits 0 · References 5

CNNVD
added 2024/06/24 12:0 a.m. · 2 views

WordPress plugin InstaWP Connect code injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...

10 CVSS · 7.5 AI score · 0.00991 EPSS
Exploits 0 · References 3

BDU FSTEC
added 2024/05/31 12:0 a.m. · 1 view

The vulnerability of the `updateAuditSource` method in the Manager component of the Apache InLong data integration platform allows a perpetrator to execute arbitrary code.

The vulnerability of the updateAuditSource method in the Manager component of the Apache InLong integration platform is related to improper code generation management. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

10 CVSS · 8.2 AI score · 0.07083 EPSS
Exploits 0 · References 6 · Affected Software 1

Tenable Nessus
added 2024/05/17 12:0 a.m. · 24 views

GitLab 9.3 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22230)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2...

7.2 CVSS · 7.2 AI score · 0.00142 EPSS
Exploits 0 · References 3

CNNVD
added 2024/04/25 12:0 a.m. · 4 views

WordPress plugin Anti-Malware Security and Brute-Force Firewall code injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code injection vulnerability exists in...

9 CVSS · 7.3 AI score · 0.00716 EPSS
Exploits 0 · References 4

BDU FSTEC
added 2024/04/15 12:0 a.m. · 1 view

The vulnerability of the readCodeFor function in the mysql2 library allows a hacker to execute arbitrary code.

The vulnerability of the readCodeFor function in the mysql2 database library is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS · 8.2 AI score · 0.46188 EPSS
Exploits 0 · References 8 · Affected Software 1

BDU FSTEC
added 2024/04/12 12:0 a.m. · 1 view

The vulnerability of the NetWorker Client (nsrexecd) component of the Dell EMC NetWorker backup and recovery system allows an attacker to execute arbitrary code.

The vulnerability of the NetWorker Client nsrexecd component of the Dell EMC NetWorker backup and recovery system is related to improper code generation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10 CVSS · 8.1 AI score · 0.00817 EPSS
Exploits 0 · References 2 · Affected Software 2

BDU FSTEC
added 2024/04/11 12:0 a.m. · 1 view

The vulnerability of the Fortinet FortiClient security device for Linux, related to improper code generation management, allows a hacker to execute arbitrary code.

The vulnerability of Fortinet’s FortiClient security device for Linux is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, provided that the user visits a specially crafted malicious website...

10 CVSS · 6.3 AI score · 0.00772 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2024/04/02 12:0 a.m. · 2 views

The vulnerability of the CMS system Grav CMS, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the CMS system Grav CMS is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created data...

9 CVSS · 8 AI score · 0.62168 EPSS
Exploits 4 · References 5 · Affected Software 1

ICS
added 2024/03/26 11:32 a.m. · 34 views

Hitachi Energy MACH SCM (Update A)

1. EXECUTIVE SUMMARY: CVSS v4 8.9. ATTENTION: Exploitable remotely. Vendor: Hitachi Energy. Equipment: MACH SCM. Vulnerabilities: Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code. 2. RISK EVALUATION: Successful exploitation of...

7.5 CVSS · 7.7 AI score · 0.00281 EPSS
Exploits 0 · References 9

BDU FSTEC
added 2024/03/26 12:0 a.m. · 1 view

The vulnerability of Mozilla Firefox and Firefox ESR browsers allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of Mozilla Firefox and Firefox ESR browsers is related to incorrect event handling due to improper code generation. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...

10 CVSS · 7.7 AI score · 0.01405 EPSS
Exploits 0 · References 15 · Affected Software 5

BDU FSTEC
added 2024/03/26 12:0 a.m. · 1 view

The vulnerability of the Ruby/Gitt library interpreter in Ruby, allowing attackers to execute arbitrary code

The vulnerability of the Ruby/Gitt library interpreter in Ruby is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9 CVSS · 7.2 AI score · 0.01975 EPSS
Exploits 0 · References 7 · Affected Software 3

BDU FSTEC
added 2024/02/29 12:0 a.m. · 1 view

The vulnerability of the MyQ Print Server printing server lies in its improper handling of code generation, allowing attackers to execute arbitrary code.

The vulnerability of the MyQ Print Server printer server is related to improper management of code generation. Exploiting this vulnerability allows a remote attacker to generate arbitrary code...

10 CVSS · 5.7 AI score
Exploits 0 · References 2

BDU FSTEC
added 2024/02/27 12:0 a.m. · 1 view

The vulnerability of the Apache DolphinScheduler scheduler platform, related to improper code generation management, allows a hacker to execute arbitrary code.

The vulnerability of the Apache DolphinScheduler scheduler platform is related to improper management of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10 CVSS · 8.1 AI score · 0.0712 EPSS
Exploits 0 · References 7 · Affected Software 1

BDU FSTEC
added 2024/02/19 12:0 a.m. · 1 view

The vulnerability of the SAP Application Interface Framework, a software tool for developing and managing application interfaces, arises from improper code generation. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the SAP Application Interface Framework, a software tool for developing and managing application interfaces, is related to improper code generation. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of data...

8.4 CVSS · 7.8 AI score · 0.00222 EPSS
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2024/02/19 12:0 a.m. · 2 views

The vulnerability of the Inter-Device Communication component of Cisco Firepower Threat Defense’s microprogramming software and Cisco Firepower Management Center’s network management software allows an attacker to execute arbitrary commands with root privileges.

The vulnerability of the Inter-Device Communication component of Cisco Firepower Threat Defense’s microprogramming-based network interface controllers, as well as the Cisco Firepower Management Center’s network management software, is related to improper code generation. Exploiting this...

8.2 CVSS · 7.9 AI score · 0.00037 EPSS
Exploits 0 · References 2 · Affected Software 2

BDU FSTEC
added 2024/02/14 12:0 a.m. · 1 view

The vulnerability of the XWiki platform, which is related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the XWiki Platform lies in improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9 CVSS · 8 AI score · 0.07479 EPSS
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2024/02/06 12:0 a.m. · 1 view

The vulnerability of the user registration function of the XWiki Platform allows a perpetrator to execute arbitrary code.

The vulnerability of the user registration function of the XWiki Platform is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10 CVSS · 8.1 AI score · 0.9254 EPSS
Exploits 1 · References 4 · Affected Software 1

BDU FSTEC
added 2024/02/06 12:0 a.m. · 1 view

The vulnerability of the ServiceNow Data Flow data management platform, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Data Flow management platform ServiceNow is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9 CVSS · 8 AI score · 0.00117 EPSS
Exploits 0 · References 3 · Affected Software 1