CVE-2024-31380

Improper Control of Generation of Code 'Code Injection' vulnerability in Soflyy Oxygen Builder allows Code Injection. Vendor is ignoring report, refuses to patch the issue.This issue affects Oxygen Builder: from n/a through 4.9...

CVE-2025-22204

Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability...

The vulnerability of the TemplateHandler component in the \src\main\java\com\cms\controller\admin\TemplateController.java file of the Jfinal CMS content management system allows a hacker to execute arbitrary code.

The vulnerability of the TemplateHandler component in the \src\main\java\com\cms\controller\admin\TemplateController.java file of the Jfinal CMS content management system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

The vulnerability of the remember() function in the Laravel Pulse performance monitoring and application usage analysis tool allows a hacker to execute arbitrary code.

The vulnerability of the remember function in the Laravel Pulse performance monitoring and application usage analysis tool is related to improper code generation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the setup.php file in the phpMyAdmin web application for database management systems allows a hacker to execute arbitrary PHP code.

The vulnerability of the setup.php file in the phpMyAdmin web application for database management systems is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary PHP code remotely...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to improper code generation management, allowing an attacker to execute arbitrary code.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to improper code generation. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...

The vulnerability of the ObjectSerializationDecoder decoder in the Apache MINA Java networking framework allows a attacker to execute arbitrary code.

The vulnerability of the ObjectSerializationDecoder decoder in the Apache MINA Java networking framework is related to the restoration of unreliable data due to improper code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the Craft CMS content management system’s `register_argc_argv` configuration allows a hacker to execute arbitrary code.

The vulnerability of the Craft CMS content management system’s registerargcargv configuration is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Sophos Firewall’s network firewalls (formerly known as Sophos XG Firewall) is related to improper handling of code generation, allowing attackers to execute arbitrary code.

The vulnerability of Sophos Firewall’s network firewalls formerly known as Sophos XG Firewall is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Now Platform IT-infrastructure management system, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the Now Platform IT infrastructure management system is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

WordPress plugin WPLMS 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

The vulnerability of the application development environment and the Angular single-page application platform, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of the application development environment and the Angular single-page application platform is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series lies in improper code generation, allowing attackers to execute arbitrary codes.

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to improper code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the Qlik Sense Enterprise data analysis platform, related to improper code generation management, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Qlik Sense Enterprise data analysis platform is related to improper code generation management. Exploiting this vulnerability can allow an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series lies in improper code generation, allowing attackers to execute arbitrary codes.

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to improper code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of Sonatype Nexus Repository Manager, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to improper code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by publishing Maven artifacts...

The vulnerability of the SourceTree visual Git client, related to improper code generation management, allows a hacker to execute arbitrary code.

The vulnerability of the visual Git client SourceTree is related to incorrect code generation management. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Apache OFBiz resource planning software lies in improper code generation management, which allows attackers to execute SSRF attacks.

The vulnerability of Apache OFBiz’s resource planning software lies in improper code generation management. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...

CVE-2024-10094

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...

BG-TEK Informatics CoslatV3 代码注入漏洞

BG-TEK Informatics CoslatV3 is an application from BG-TEK Informatics. A code injection vulnerability exists in BG-TEK Informatics CoslatV3 version 3.1069 and earlier, which stems from improper code generation controls that allow command injection...