Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-0671

Summary
Assigner-@huntrdev
Assigner Org ID-c09c270a-b464-47c1-9133-acb35b22c19a
Published At-04 Feb, 2023 | 00:00
Updated At-25 Mar, 2025 | 20:12
Rejected At-
Credits

Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:@huntrdev
Assigner Org ID:c09c270a-b464-47c1-9133-acb35b22c19a
Published At:04 Feb, 2023 | 00:00
Updated At:25 Mar, 2025 | 20:12
Rejected At:
â–¼CVE Numbering Authority (CNA)
Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.

Affected Products
Vendor
froxlor
Product
froxlor/froxlor
Versions
Affected
  • From unspecified before 2.0.10 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-94CWE-94 Improper Control of Generation of Code
Type: CWE
CWE ID: CWE-94
Description: CWE-94 Improper Control of Generation of Code
Metrics
VersionBase scoreBase severityVector
3.09.9CRITICAL
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.0
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
N/A
https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
N/A
Hyperlink: https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
Resource: N/A
Hyperlink: https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
x_transferred
https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
x_transferred
Hyperlink: https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
Resource:
x_transferred
Hyperlink: https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@huntr.dev
Published At:04 Feb, 2023 | 01:15
Updated At:10 Feb, 2023 | 13:56

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.09.9CRITICAL
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 9.9
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches

froxlor
froxlor
>>froxlor>>Versions before 2.0.10(exclusive)
cpe:2.3:a:froxlor:froxlor:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-94Primarysecurity@huntr.dev
CWE ID: CWE-94
Type: Primary
Source: security@huntr.dev
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edcsecurity@huntr.dev
Patch
Third Party Advisory
https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023desecurity@huntr.dev
Exploit
Patch
Third Party Advisory
Hyperlink: https://github.com/froxlor/froxlor/commit/0034681412057fef2dfe9cce9f8a6e3321f52edc
Source: security@huntr.dev
Resource:
Patch
Third Party Advisory
Hyperlink: https://huntr.dev/bounties/c2a84917-7ac0-4169-81c1-b61e617023de
Source: security@huntr.dev
Resource:
Exploit
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

490Records found

CVE-2023-0877
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-10
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.1||CRITICAL
EPSS-3.93% / 89.09%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-18 Mar, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 2.0.11.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-2034
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.1||CRITICAL
EPSS-73.25% / 99.39%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unrestricted Upload of File with Dangerous Type in froxlor/froxlor

Unrestricted Upload of File with Dangerous Type in GitHub repository froxlor/froxlor prior to 2.0.14.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2026-41236
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.37% / 28.63%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 17:52
Updated-08 Jun, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Froxlor has privilege escalation in SSH key synchronization via symlinked `authorized_keys` path

Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to `~/.ssh/authorized_keys` under a customer-controlled home directory without verifying that the target path is not a symbolic link. If an attacker controls a shell-enabled customer account and can modify files inside the assigned home directory, the attacker can replace `~/.ssh/authorized_keys` with a symlink to `/root/.ssh/authorized_keys`. When Froxlor's privileged cron task later synchronizes SSH keys, it appends the attacker-supplied key into root's authorized key file, resulting in root SSH access. Version 2.3.7 contains a patch.

Action-Not Available
Vendor-froxlor
Product-froxlor
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2026-30932
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.54% / 41.69%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 18:46
Updated-26 Mar, 2026 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Froxlor is vulnerable to BIND zone file injection via unsanitized DNS record content in DomainZones API

Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessible to customers with DNS enabled) does not validate the content field for several DNS record types (LOC, RP, SSHFP, TLSA). An attacker can inject newlines and BIND zone file directives (e.g. $INCLUDE) into the zone file that gets written to disk when the DNS rebuild cron job runs. This issue has been patched in version 2.3.5.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2023-0315
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.2||HIGH
EPSS-97.65% / 99.89%
||
7 Day CHG~0.00%
Published-16 Jan, 2023 | 00:00
Updated-07 Apr, 2025 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection in froxlor/froxlor

Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-6069
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.9||CRITICAL
EPSS-0.84% / 53.27%
||
7 Day CHG~0.00%
Published-10 Nov, 2023 | 00:00
Updated-02 Aug, 2024 | 08:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Link Resolution Before File Access in froxlor/froxlor

Improper Link Resolution Before File Access in GitHub repository froxlor/froxlor prior to 2.1.0.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-10235
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.68% / 74.17%
||
7 Day CHG~0.00%
Published-09 Mar, 2020 | 15:04
Updated-04 Aug, 2024 | 10:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Froxlor before 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInstall.php.

Action-Not Available
Vendor-froxlorn/a
Product-froxlorn/a
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-3869
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-6.5||MEDIUM
EPSS-1.26% / 66.18%
||
7 Day CHG~0.00%
Published-05 Nov, 2022 | 00:00
Updated-05 May, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.38.2.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-3721
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-6
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.6||HIGH
EPSS-0.75% / 50.57%
||
7 Day CHG~0.00%
Published-04 Nov, 2022 | 00:00
Updated-02 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection in froxlor/froxlor

Code Injection in GitHub repository froxlor/froxlor prior to 0.10.39.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor/froxlor
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2026-41229
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.48% / 37.97%
||
7 Day CHG~0.00%
Published-23 Apr, 2026 | 03:44
Updated-27 Apr, 2026 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Froxlor has a PHP Code Injection via Unescaped Single Quotes in userdata.inc.php Generation (MysqlServer API)

Froxlor is open source server administration software. Prior to version 2.3.6, `PhpHelper::parseArrayToString()` writes string values into single-quoted PHP string literals without escaping single quotes. When an admin with `change_serversettings` permission adds or updates a MySQL server via the API, the `privileged_user` parameter (which has no input validation) is written unescaped into `lib/userdata.inc.php`. Since this file is `require`d on every request via `Database::getDB()`, an attacker can inject arbitrary PHP code that executes as the web server user on every subsequent page load. Version 2.3.6 contains a patch.

Action-Not Available
Vendor-froxlorfroxlor
Product-froxlorfroxlor
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-2017
Matching Score-4
Assigner-STAR Labs SG Pte. Ltd.
ShareView Details
Matching Score-4
Assigner-STAR Labs SG Pte. Ltd.
CVSS Score-8.8||HIGH
EPSS-2.08% / 79.27%
||
7 Day CHG~0.00%
Published-17 Apr, 2023 | 10:18
Updated-05 Feb, 2025 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Control of Generation of Code in Twig Rendered Views in Shopware

Server-side Template Injection (SSTI) in Shopware 6 (<= v6.4.20.0, v6.5.0.0-rc1 <= v6.5.0.0-rc4), affecting both shopware/core and shopware/platform GitHub repositories, allows remote attackers with access to a Twig environment without the Sandbox extension to bypass the validation checks in `Shopware\Core\Framework\Adapter\Twig\SecurityExtension` and call any arbitrary PHP function and thus execute arbitrary code/commands via usage of fully-qualified names, supplied as array of strings, when referencing callables. Users are advised to upgrade to v6.4.20.1 to resolve this issue. This is a bypass of CVE-2023-22731.

Action-Not Available
Vendor-shopwareShopware AG
Product-shopwareShopware 6
CWE ID-CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
CWE ID-CWE-184
Incomplete List of Disallowed Inputs
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-8864
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.82% / 52.90%
||
7 Day CHG~0.00%
Published-15 Sep, 2024 | 00:31
Updated-17 Sep, 2024 | 10:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
composiohq composio calculator.py Calculator code injection

A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical. Affected by this vulnerability is the function Calculator of the file python/composio/tools/local/mathematical/actions/calculator.py. The manipulation leads to code injection. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-composiocomposiohqcomposiohq
Product-composiocomposiocomposio
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-66457
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.68% / 47.87%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 20:03
Updated-17 Dec, 2025 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Elysia affected by arbitrary code injection through cookie config

Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Versions 1.4.17 and below are subject to arbitrary code execution from cookie config. When dynamic cookies are enabled (e.g. there an existing cookie schema), the cookie config is injected into the compiled route without first being sanitised. Availability of this exploit is generally low, but when combined with GHSA-hxj9-33pp-j2cc, it allows for a full RCE chain. An attack requires write access to either the Elysia app's source code (in which case the vulnerability is meaningless) or write access to the cookie config (perhaps where it is assumed to be provisioned by the environment). This issue is fixed in version 1.4.18.

Action-Not Available
Vendor-elysiajselysiajs
Product-elysiaelysia
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-67036
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.38% / 30.34%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 00:00
Updated-23 Jun, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges.

Action-Not Available
Vendor-lantronixn/a
Product-eds5016_firmwareeds5008eds5008_firmwareeds5032eds5016eds5032_firmwaren/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-8268
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.71% / 48.89%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 02:05
Updated-08 Apr, 2026 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Frontend Dashboard <= 2.2.4 - Authenticated (Subscriber+) Arbitrary Function Call

The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to insufficient filtering on callable methods/functions via the ajax_request() function in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to call arbitrary functions that can be leverage for privilege escalation by changing user's passwords.

Action-Not Available
Vendor-buffercodevinoth06buffercode
Product-frontend_dashboardFrontend Dashboardfrontend_dashboard
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-7559
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.85% / 53.72%
||
7 Day CHG~0.00%
Published-23 Aug, 2024 | 02:31
Updated-08 Apr, 2026 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Manager Pro <= 8.3.7 - Authenticated (Subscriber+) Arbitrary File Upload

The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and capability checks in the mk_file_folder_manager AJAX action in all versions up to, and including, 8.3.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Action-Not Available
Vendor-File Managerfilemanagerpro
Product-File Manager Profile_manager_pro
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-6946
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.61% / 44.68%
||
7 Day CHG~0.00%
Published-21 Jul, 2024 | 08:31
Updated-05 Sep, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Flute CMS list code injection

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This vulnerability affects unknown code of the file /admin/pages/list. The manipulation of the argument blocks leads to code injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272068.

Action-Not Available
Vendor-flute-cmsFluteflute
Product-fluteCMScms
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-7656
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-8.8||HIGH
EPSS-0.78% / 51.56%
||
7 Day CHG~0.00%
Published-24 Aug, 2024 | 11:36
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Image Hotspot by DevVN <= 1.2.5 - Authenticated (Author+) PHP Object Injection

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.5 via deserialization of untrusted input in the 'devvn_ihotspot_shortcode_func' function. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.

Action-Not Available
Vendor-levantoanle_van_toan
Product-Image Hotspot by DevVNimage_hotspot_by_devvn
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-64108
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-0.44% / 35.48%
||
7 Day CHG+0.04%
Published-04 Nov, 2025 | 22:58
Updated-10 Nov, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cursor's Sensitive File Modification can Lead to NTFS Path Quirks

Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected files can lead to RCE. Must be chained with a prompt injection or malicious model attach. Only affects systems supporting NTFS. This issue is fixed in version 2.0.

Action-Not Available
Vendor-anyspherecursor
Product-cursorcursor
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-21305
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-12.68% / 95.77%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 19:20
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection vulnerability in CarrierWave

CarrierWave is an open-source RubyGem which provides a simple and flexible way to upload files from Ruby applications. In CarrierWave before versions 1.3.2 and 2.1.1, there is a code injection vulnerability. The "#manipulate!" method inappropriately evals the content of mutation option(:read/:write), allowing attackers to craft a string that can be executed as a Ruby code. If an application developer supplies untrusted inputs to the option, it will lead to remote code execution(RCE). This is fixed in versions 1.3.2 and 2.1.1.

Action-Not Available
Vendor-carrierwave_projectcarrierwaveuploader
Product-carrierwavecarrierwave
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-6386
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.9||CRITICAL
EPSS-25.53% / 97.70%
||
7 Day CHG+0.52%
Published-21 Aug, 2024 | 20:29
Updated-08 Apr, 2026 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WPML Multilingual CMS <= 4.6.12 - Authenticated (Contributor+) Remote Code Execution via Twig Server-Side Template Injection

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

Action-Not Available
Vendor-wpmlWPMLwpml
Product-wpmlWPMLwpml
CWE ID-CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-61196
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.51% / 39.72%
||
7 Day CHG~0.00%
Published-30 Oct, 2025 | 00:00
Updated-04 Nov, 2025 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in BusinessNext CRMnext v.10.8.3.0 allows a remote attacker to execute arbitrary code via the comments input parameter.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-1304
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-8.8||HIGH
EPSS-1.08% / 61.01%
||
7 Day CHG~0.00%
Published-21 Mar, 2023 | 16:45
Updated-25 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rapid7 InsightCloudSec getattr() method access

An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.

Action-Not Available
Vendor-Rapid7 LLC
Product-insightappsecinsightcloudsecInsightCloudSec
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-1518
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.3||MEDIUM
EPSS-1.87% / 76.77%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 15:20
Updated-07 Nov, 2024 | 22:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerability by sending a crafted HTTP request to the API subsystem of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system. To exploit this vulnerability, an attacker would need valid low-privileged user credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_device_manager_on-boxCisco Firepower Threat Defense Software
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-32527
Matching Score-4
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-4
Assigner-Trend Micro, Inc.
CVSS Score-8.8||HIGH
EPSS-2.92% / 85.37%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 21:54
Updated-04 Dec, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-mobile_securityTrend Micro Moibile Security for Enterprise
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-17300
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.40% / 69.21%
||
7 Day CHG~0.00%
Published-07 Oct, 2019 | 15:04
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user.

Action-Not Available
Vendor-n/aSugarCRM Inc.
Product-sugarcrmn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-1306
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-8.8||HIGH
EPSS-1.21% / 64.66%
||
7 Day CHG~0.00%
Published-21 Mar, 2023 | 16:53
Updated-26 Feb, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rapid7 InsightCloudSec resource.db() method access

An authenticated attacker can leverage an exposed resource.db() accessor method to smuggle Python method calls via a Jinja template, which can lead to code execution. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.

Action-Not Available
Vendor-Rapid7 LLC
Product-insightappsecinsightcloudsecInsightCloudSec
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-58745
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.70% / 48.84%
||
7 Day CHG~0.00%
Published-08 Sep, 2025 | 22:40
Updated-17 Sep, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WeGIA has a bypass for the fix for CVE-2025-22133 - Arbitrary File Upload leads to Remote Code Execution (RCE)

WeGIA is a Web manager for charitable institutions. The fix for CVE-2025-22133 was not enough to remediate the arbitrary file upload vulnerability. The WeGIA only check MIME types for Excel files at endpoint `/html/socio/sistema/controller/controla_xlsx.php`, which can be bypassed by using magic bytes of Excel file in a PHP file. As a result, attacker can upload webshell to the server for remote code execution. Version 3.4.11 contains an updated fix.

Action-Not Available
Vendor-wegiaLabRedesCefetRJ
Product-wegiaWeGIA
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-1482
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.77% / 51.10%
||
7 Day CHG~0.00%
Published-18 Mar, 2023 | 09:31
Updated-26 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HkCms External Plugin code injection

A vulnerability, which was classified as problematic, was found in HkCms 2.2.4.230206. This affects an unknown part of the file /admin.php/appcenter/local.html?type=addon of the component External Plugin Handler. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223365 was assigned to this vulnerability.

Action-Not Available
Vendor-hkcms_projectn/a
Product-hkcmsHkCms
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-54907
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.14% / 62.69%
||
7 Day CHG+0.02%
Published-26 Dec, 2024 | 00:00
Updated-26 Dec, 2024 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-55877
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-1.56% / 72.20%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 19:13
Updated-30 Apr, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList

XWiki Platform is a generic wiki platform. Starting in version 9.7-rc-1 and prior to versions 15.10.11, 16.4.1, and 16.5.0, any user with an account can perform arbitrary remote code execution by adding instances of `XWiki.WikiMacroClass` to any page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been fixed in XWiki 15.10.11, 16.4.1 and 16.5.0. It is possible to manually apply the patch to the page `XWiki.XWikiSyntaxMacrosList` as a workaround.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-platform
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-96
Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CVE-2024-55022
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.29% / 66.64%
||
7 Day CHG~0.00%
Published-03 Mar, 2026 | 00:00
Updated-09 Mar, 2026 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter.

Action-Not Available
Vendor-weintekn/a
Product-easywebcmt-3072xh2cmt-3072xh2_firmwaren/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-55241
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.78% / 51.40%
||
7 Day CHG~0.00%
Published-06 Feb, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a remote attacker to execute arbitrary code via the modelsbyom.py component.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-55662
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.75% / 50.42%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 17:25
Updated-30 Apr, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XWiki allows remote code execution through the extension sheet

XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Repository Application` is installed, any user can execute any code requiring `programming` rights on the server. This vulnerability has been fixed in XWiki 15.10.9 and 16.3.0. Since `Extension Repository Application` is not mandatory, it can be safely disabled on instances that do not use it as a workaround. It is also possible to manually apply the patches from commit 8659f17d500522bf33595e402391592a35a162e8 to the page `ExtensionCode.ExtensionSheet` and to the page `ExtensionCode.ExtensionAuthorsDisplayer`.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-platform
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-96
Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CVE-2024-55505
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.66% / 47.22%
||
7 Day CHG~0.00%
Published-18 Dec, 2024 | 00:00
Updated-17 Apr, 2025 | 01:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component.

Action-Not Available
Vendor-n/aCodeAstro
Product-complaint_management_systemn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-54780
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-11.99% / 95.62%
||
7 Day CHG+0.40%
Published-14 May, 2025 | 00:00
Updated-13 Jun, 2025 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to command injection in the OpenVPN widget due to improper sanitization of user-supplied input to the OpenVPN management interface. An authenticated attacker can exploit this vulnerability by injecting arbitrary OpenVPN management commands via the remipp parameter.

Action-Not Available
Vendor-netgaten/a
Product-pfsense_cepfsense_plusn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-0089
Matching Score-4
Assigner-Proofpoint Inc.
ShareView Details
Matching Score-4
Assigner-Proofpoint Inc.
CVSS Score-8.8||HIGH
EPSS-0.73% / 49.90%
||
7 Day CHG~0.00%
Published-08 Mar, 2023 | 00:27
Updated-28 Feb, 2025 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Proofpoint Enterprise Protection webutils authenticated RCE

The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below.

Action-Not Available
Vendor-proofpointproofpoint
Product-enterprise_protectionenterprise_protection
CWE ID-CWE-95
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-5651
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.37% / 68.58%
||
7 Day CHG~0.00%
Published-12 Aug, 2024 | 05:46
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fence-agents-remediation: fence agent command line options leads to remote code execution

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Fence Agents Remediation 0.4 for RHEL 8
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-0022
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-9.9||CRITICAL
EPSS-0.74% / 50.22%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 03:25
Updated-09 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection vulnerability in SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP)

SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely compromise the application causing a high impact on the confidentiality, integrity, and availability of the application.

Action-Not Available
Vendor-SAP SE
Product-businessobjects_business_intelligence_platformBusinessObjects Business Intelligence platform (Analysis edition for OLAP)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-58159
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.69% / 48.22%
||
7 Day CHG~0.00%
Published-29 Aug, 2025 | 22:15
Updated-24 Sep, 2025 | 18:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE)

WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper validation of uploaded files. The application allows an attacker to upload files with arbitrary filenames, including those with a .php extension. Because the uploaded file is written directly to disk without adequate sanitization or extension restrictions, a spreadsheet file followed by PHP code can be uploaded and executed on the server, leading to arbitrary code execution. This is due to insufficient mitigation of CVE-2025-22133. This issue has been patched in version 3.4.11.

Action-Not Available
Vendor-wegiaLabRedesCefetRJ
Product-wegiaWeGIA
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-5466
Matching Score-4
Assigner-ManageEngine
ShareView Details
Matching Score-4
Assigner-ManageEngine
CVSS Score-8.8||HIGH
EPSS-6.91% / 93.31%
||
7 Day CHG~0.00%
Published-23 Aug, 2024 | 13:23
Updated-19 Dec, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.

Action-Not Available
Vendor-ManageEngine (Zoho Corporation Pvt. Ltd.)Zoho Corporation Pvt. Ltd.
Product-manageengine_remote_monitoring_and_management_centralmanageengine_opmanager_mspmanageengine_opmanagermanageengine_opmanager_plusOpManager, Remote Monitoring and Managementmanageengine_opmanager_mspmanageengine_opmanagermanageengine_opmanager_rmmmanageengine_opmanager_plus
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-17302
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.40% / 69.22%
||
7 Day CHG~0.00%
Published-07 Oct, 2019 | 15:04
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.

Action-Not Available
Vendor-n/aSugarCRM Inc.
Product-sugarcrmn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-35152
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-1.03% / 59.46%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 16:41
Updated-27 Nov, 2024 | 20:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XWiki Platform vulnerable to privilege escalation (PR) from account through like LiveTableResults

XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation. The vulnerability has been fixed on XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, one may apply the patch manually.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-platform
CWE ID-CWE-95
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-54815
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 42.33%
||
7 Day CHG~0.00%
Published-19 Sep, 2025 | 00:00
Updated-25 Sep, 2025 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Server-side template injection (SSTI) vulnerability in PPress 0.0.9 allows attackers to execute arbitrary code via crafted themes.

Action-Not Available
Vendor-yandaozin/a
Product-ppressn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-53303
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.70% / 48.84%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-52899
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.5||HIGH
EPSS-0.77% / 51.22%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 00:34
Updated-04 Aug, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Data Virtualization Manager code execution

IBM Data Virtualization Manager for z/OS 1.1 and 1.2 could allow an authenticated user to inject malicious JDBC URL parameters and execute code on the server.

Action-Not Available
Vendor-IBM Corporation
Product-data_virtualization_manager_for_z\/osData Virtualization Manager for z/OSdata_virtualization_manager_for_z-os
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2021-23814
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-6.7||MEDIUM
EPSS-1.82% / 76.14%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 20:00
Updated-17 Jun, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This affects versions of the package unisharp/laravel-filemanager before 2.6.2. The upload() function does not sufficiently validate the file type when uploading. An attacker may be able to reproduce the following steps: 1. Install a package with a web Laravel application. 2. Navigate to the Upload window 3. Upload an image file, then capture the request 4. Edit the request contents with a malicious file (webshell) 5. Enter the path of file uploaded on URL - Remote Code Execution **Note:** Prevention for bad extensions can be done by using a whitelist in the config file(lfm.php). Corresponding document can be found in [here](https://unisharp.github.io/laravel-filemanager/configfolder-categories).

Action-Not Available
Vendor-unisharpn/a
Product-laravel-filemanagerunisharp/laravel-filemanager
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-15070
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.21% / 64.65%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 04:28
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.

Action-Not Available
Vendor-n/aKandra Labs, Inc. (Zulip)
Product-zulip_servern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-50944
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.35% / 26.75%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 12:12
Updated-12 May, 2026 | 14:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Aero CMS 0.0.1 PHP Code Injection via posts.php

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=add_post parameter, and the uploaded files are executed by the server.

Action-Not Available
Vendor-MegaTKC
Product-Aero CMS
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-53836
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.53% / 40.66%
||
7 Day CHG~0.00%
Published-14 Jul, 2025 | 23:08
Updated-26 Aug, 2025 | 17:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
XWiki Rendering is vulnerable to RCE attacks when processing nested macros

XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting in version 4.2-milestone-1 and prior to versions 13.10.11, 14.4.7, and 14.10, the default macro content parser doesn't preserve the restricted attribute of the transformation context when executing nested macros. This allows executing macros that are normally forbidden in restricted mode, in particular script macros. The cache and chart macros that are bundled in XWiki use the vulnerable feature. This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. To avoid the exploitation of this bug, comments can be disabled for untrusted users until an upgrade to a patched version has been performed. Note that users with edit rights will still be able to add comments via the object editor even if comments have been disabled.

Action-Not Available
Vendor-XWiki SAS
Product-xwikixwiki-rendering
CWE ID-CWE-863
Incorrect Authorization
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 9
  • 10
  • Next
Details not found