CVE-2024-32599

CVE-2024-32599 is an unauthenticated code injection vulnerability in the WordPress plugin WP Dummy Content Generator up to version 3.2.1. The issue is described as an Improper Control of Generation of Code, enabling arbitrary code execution. The CVSS scope is CHANGED with a base score of 10.0, ve...

CVE-2024-31864

CVE-2024-31864 affects Apache Zeppelin prior to 0.11.1, enabling code injection when establishing a MySQL JDBC connection. The issue is described as improper control of generation of code, with a CVSS v3.1 base score of 9.8 (Network, HIGH impact on confidentiality, integrity, and availability). T...

Code injection

Improper Control of Generation of Code 'Code Injection' vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2...

CVE-2023-5500 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability

This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code 'Code Injection' to gain full control of the affected device...

CVE-2023-40252

Improper Control of Generation of Code 'Code Injection' vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from...

CVE-2023-37199

A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists that could cause remote code execution when an admin user on DCE tampers with backups which are then manually restored...

Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution Vulnerabilities

Kardex Mlog MCC version 5.7.12+0-a203c2a213-master suffers from a file inclusion vulnerability that allows for remote code execution. Remote Code Execution in Kardex MLOG ======================================================================= Product: Kardex Mlog MCC Vendor: Kardex Holding AG...

Kardex Mlog MCC 5.7.12+0-a203c2a213-master File Inclusion / Remote Code Execution

Remote Code Execution in Kardex MLOG ======================================================================= Product: Kardex Mlog MCC Vendor: Kardex Holding AG Tested Version: 5.7.12+0-a203c2a213-master Fixed Version: inline patch - no new version number Vulnerability Type: Improper Control of...

CVE-2023-0575 Remote Code Execution

External Control of Critical State Data, Improper Control of Generation of Code 'Code Injection' vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS DevopsBase.Java:execCommand, TableManager.Java:runCommand modules allows API Manipulation, Privilege Abuse. This vulnerability...

Siemens RUGGEDCOM ROS Code Injection

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

EulerOS 2.0 SP5 : pcp (EulerOS-SA-2020-2557)

According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...