Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-27650

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-10 Apr, 2023 | 00:00
Updated At-11 Feb, 2025 | 15:55
Rejected At-
Credits

An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:10 Apr, 2023 | 00:00
Updated At:11 Feb, 2025 | 15:55
Rejected At:
▼CVE Numbering Authority (CNA)

An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://play.google.com/store/apps/details?id=com.apusapps.launcher
N/A
https://www.apusapps.com/en/launcher
N/A
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.md
N/A
Hyperlink: https://play.google.com/store/apps/details?id=com.apusapps.launcher
Resource: N/A
Hyperlink: https://www.apusapps.com/en/launcher
Resource: N/A
Hyperlink: https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.md
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://play.google.com/store/apps/details?id=com.apusapps.launcher
x_transferred
https://www.apusapps.com/en/launcher
x_transferred
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.md
x_transferred
Hyperlink: https://play.google.com/store/apps/details?id=com.apusapps.launcher
Resource:
x_transferred
Hyperlink: https://www.apusapps.com/en/launcher
Resource:
x_transferred
Hyperlink: https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.md
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-94CWE-94 Improper Control of Generation of Code ('Code Injection')
Type: CWE
CWE ID: CWE-94
Description: CWE-94 Improper Control of Generation of Code ('Code Injection')
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Apr, 2023 | 17:15
Updated At:11 Feb, 2025 | 16:15

An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches

apusapps
apusapps
>>launcher>>3.10.73
cpe:2.3:a:apusapps:launcher:3.10.73:*:*:*:*:*:*:*
apusapps
apusapps
>>launcher>>3.10.88
cpe:2.3:a:apusapps:launcher:3.10.88:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-94Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-94
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.mdcve@mitre.org
Exploit
Third Party Advisory
https://play.google.com/store/apps/details?id=com.apusapps.launchercve@mitre.org
Product
https://www.apusapps.com/en/launchercve@mitre.org
Product
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.mdaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
https://play.google.com/store/apps/details?id=com.apusapps.launcheraf854a3a-2127-422b-91ae-364da2661108
Product
https://www.apusapps.com/en/launcheraf854a3a-2127-422b-91ae-364da2661108
Product
Hyperlink: https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.md
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://play.google.com/store/apps/details?id=com.apusapps.launcher
Source: cve@mitre.org
Resource:
Product
Hyperlink: https://www.apusapps.com/en/launcher
Source: cve@mitre.org
Resource:
Product
Hyperlink: https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27650/CVE%20detail.md
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
Hyperlink: https://play.google.com/store/apps/details?id=com.apusapps.launcher
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product
Hyperlink: https://www.apusapps.com/en/launcher
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product

Change History

0
Information is not available yet

Similar CVEs

699Records found

CVE-2022-25894
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-9.8||CRITICAL
EPSS-6.84% / 90.97%
||
7 Day CHG~0.00%
Published-25 Jan, 2023 | 05:00
Updated-01 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation.

Action-Not Available
Vendor-uflo_projectn/a
Product-uflocom.bstek.uflo:uflo-core
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-8132
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.12%
||
7 Day CHG~0.00%
Published-28 Feb, 2020 | 19:24
Updated-04 Aug, 2024 | 09:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

Action-Not Available
Vendor-pdf-image_projectn/a
Product-pdf-imagepdf-image
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2020-7673
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-9.8||CRITICAL
EPSS-1.20% / 78.10%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 15:36
Updated-04 Aug, 2024 | 09:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of `extend` function`(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `eval` function, resulting in code execution.

Action-Not Available
Vendor-node-extend_projectn/a
Product-node-extendnode-extend
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-7710
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-8.1||HIGH
EPSS-0.51% / 65.50%
||
7 Day CHG~0.00%
Published-21 Aug, 2020 | 09:15
Updated-16 Sep, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sandbox Escape

This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.

Action-Not Available
Vendor-safe-eval_projectn/a
Product-safe-evalsafe-eval
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-7480
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 67.66%
||
7 Day CHG~0.00%
Published-23 Mar, 2020 | 19:24
Updated-04 Aug, 2024 | 09:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data.

Action-Not Available
Vendor-n/a
Product-andover_continuum_9941_firmwareandover_continuum_5720_firmwareandover_continuum_9924andover_continuum_9900_firmwareandover_continuum_5740_firmwareandover_continuum_9940andover_continuum_bcx9640andover_continuum_9702andover_continuum_9900andover_continuum_9924_firmwareandover_continuum_9680andover_continuum_9702_firmwareandover_continuum_9941andover_continuum_bcx9640_firmwareandover_continuum_9940_firmwareandover_continuum_5740andover_continuum_9200_firmwareandover_continuum_bcx4040_firmwareandover_continuum_bcx4040andover_continuum_9200andover_continuum_9680_firmwareandover_continuum_5720Andover Continuum (All versions)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-11635
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-8.43% / 91.99%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 07:18
Updated-13 Mar, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress File Upload <= 4.24.12 - Unuathenticated Remote Code Execution

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server.

Action-Not Available
Vendor-iptanusnickboss
Product-wordpress_file_uploadWordPress File Upload
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-13645
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.69% / 70.85%
||
7 Day CHG~0.00%
Published-04 Apr, 2025 | 05:22
Updated-07 Apr, 2025 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TagDiv Composer <= 5.3 - Unauthenticated Arbitrary PHP Object Instantiation

The tagDiv Composer plugin for WordPress is vulnerable to PHP Object Instantiation in all versions up to, and including, 5.3 via module parameter. This makes it possible for unauthenticated attackers to Instantiate a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

Action-Not Available
Vendor-tagDiv
Product-tagDiv Composer
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-6143
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-10.78% / 93.06%
||
7 Day CHG~0.00%
Published-01 Sep, 2020 | 20:15
Updated-04 Aug, 2024 | 08:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to trigger this vulnerability.

Action-Not Available
Vendor-os4edn/a
Product-opensisOS4Ed
CWE ID-CWE-96
Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-6836
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.96% / 75.51%
||
7 Day CHG~0.00%
Published-11 Jan, 2020 | 00:42
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injection. The package fails to sanitize values passed to the parse function and concatenates them in an eval call. If a value of the formula is taken from user-controlled input, it may allow attackers to run arbitrary commands on the server.

Action-Not Available
Vendor-hot-formula-parser_projectn/a
Product-hot-formula-parsern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-25498
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.52% / 93.36%
||
7 Day CHG~0.00%
Published-15 Mar, 2022 | 17:29
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php.

Action-Not Available
Vendor-cuppacmsn/a
Product-cuppacmsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-13792
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-0.24% / 46.85%
||
7 Day CHG~0.00%
Published-20 Feb, 2025 | 09:21
Updated-25 Feb, 2025 | 20:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WooCommerce Food - Restaurant Menu & Food ordering <= 3.3.2 - Unauthenticated Arbitrary Shortcode Execution via ids

The WooCommerce Food - Restaurant Menu & Food ordering plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-ex-themesEx-Themes
Product-woocommerce_foodWooCommerce Food - Restaurant Menu & Food ordering
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-25657
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.80% / 82.04%
||
7 Day CHG~0.00%
Published-21 Feb, 2023 | 20:51
Updated-10 Mar, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote code execution in Jinja2 template rendering in Nautobot

Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions earlier than 1.5.7 are impacted by a remote code execution vulnerability. Nautobot did not properly sandbox Jinja2 template rendering. In Nautobot 1.5.7 has enabled sandboxed environments for the Jinja2 template engine used internally for template rendering for the following objects: `extras.ComputedField`, `extras.CustomLink`, `extras.ExportTemplate`, `extras.Secret`, `extras.Webhook`. While no active exploits of this vulnerability are known this change has been made as a preventative measure to protect against any potential remote code execution attacks utilizing maliciously crafted template code. This change forces the Jinja2 template engine to use a `SandboxedEnvironment` on all new installations of Nautobot. This addresses any potential unsafe code execution everywhere the helper function `nautobot.utilities.utils.render_jinja2` is called. Additionally, the documentation that had previously suggesting the direct use of `jinja2.Template` has been revised to suggest `render_jinja2`. Users are advised to upgrade to Nautobot 1.5.7 or newer. For users that are unable to upgrade to the latest release of Nautobot, you may add the following setting to your `nautobot_config.py` to apply the sandbox environment enforcement: `TEMPLATES[1]["OPTIONS"]["environment"] = "jinja2.sandbox.SandboxedEnvironment"` After applying this change, you must restart all Nautobot services, including any Celery worker processes. **Note:** *Nautobot specifies two template engines by default, the first being “django” for the Django built-in template engine, and the second being “jinja” for the Jinja2 template engine. This recommended setting will update the second item in the list of template engines, which is the Jinja2 engine.* For users that are unable to immediately update their configuration such as if a Nautobot service restart is too disruptive to operations, access to provide custom Jinja2 template values may be mitigated using permissions to restrict “change” (write) actions to the affected object types listed in the first section. **Note:** *This solution is intended to be stopgap until you can successfully update your `nautobot_config.py` or upgrade your Nautobot instance to apply the sandboxed environment enforcement.*

Action-Not Available
Vendor-networktocodenautobot
Product-nautobotnautobot
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-13797
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-0.24% / 46.85%
||
7 Day CHG~0.00%
Published-18 Feb, 2025 | 11:10
Updated-21 Feb, 2025 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PressMart - Modern Elementor WooCommerce WordPress Theme <= 1.2.16 - Unauthenticated Arbitrary Shortcode Execution

The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.16. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-presslayoutsPressLayouts
Product-pressmartPressMart - Modern Elementor WooCommerce WordPress Theme
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-26112
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 32.41%
||
7 Day CHG~0.00%
Published-23 Sep, 2022 | 08:05
Updated-27 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Pinot query endpoint and the realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support

In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See https://docs.pinot.apache.org/basics/releases/0.11.0

Action-Not Available
Vendor-The Apache Software Foundation
Product-pinotApache Pinot
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-5553
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-2.14% / 83.53%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 01:25
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors.

Action-Not Available
Vendor-mailformkeitai-site.net
Product-mailformmailform
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-25760
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-7.1||HIGH
EPSS-0.44% / 62.11%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 11:20
Updated-16 Sep, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary Code Injection

All versions of package accesslog are vulnerable to Arbitrary Code Injection due to the usage of the Function constructor without input sanitization. If (attacker-controlled) user input is given to the format option of the package's exported constructor function, it is possible for an attacker to execute arbitrary JavaScript code on the host that this package is being run on.

Action-Not Available
Vendor-accesslog_projectn/a
Product-accesslogaccesslog
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-1577
Matching Score-4
Assigner-CERT.PL
ShareView Details
Matching Score-4
Assigner-CERT.PL
CVSS Score-9.3||CRITICAL
EPSS-1.70% / 81.55%
||
7 Day CHG~0.00%
Published-12 Jun, 2024 | 13:47
Updated-14 Aug, 2024 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution in MegaBIP

Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. This issue affects MegaBIP software versions through 5.11.2.

Action-Not Available
Vendor-megabipJan Syskijan_syski
Product-megabipMegaBIPmegabip
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-5203
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 69.77%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 13:28
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method.

Action-Not Available
Vendor-fatfreeframeworkn/a
Product-fat-free_frameworkn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25860
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-8.1||HIGH
EPSS-32.33% / 96.69%
||
7 Day CHG~0.00%
Published-24 Jan, 2023 | 05:00
Updated-01 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221).

Action-Not Available
Vendor-simple-git_projectn/a
Product-simple-gitsimple-git
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-38078
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-5.22% / 89.58%
||
7 Day CHG+1.97%
Published-24 Aug, 2022 | 08:40
Updated-03 Aug, 2024 | 10:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products and versions are as follows: Movable Type 7 r.5202 and earlier, Movable Type Advanced 7 r.5202 and earlier, Movable Type 6.8.6 and earlier, Movable Type Advanced 6.8.6 and earlier, Movable Type Premium 1.52 and earlier, and Movable Type Premium Advanced 1.52 and earlier. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability.

Action-Not Available
Vendor-sixapartSix Apart Ltd.
Product-movable_typeMovable Type XMLRPC API
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-1297
Matching Score-4
Assigner-Fluid Attacks
ShareView Details
Matching Score-4
Assigner-Fluid Attacks
CVSS Score-10||CRITICAL
EPSS-1.75% / 81.78%
||
7 Day CHG~0.00%
Published-19 Feb, 2024 | 23:41
Updated-31 Dec, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Loomio 2.22.0 - Code injection

Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection.

Action-Not Available
Vendor-loomioLoomioloomio
Product-loomioLoomioloomio
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-12900
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.13% / 32.58%
||
7 Day CHG+0.01%
Published-23 Dec, 2024 | 01:31
Updated-15 Jul, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FoxCMS Configuration File installdb.php code injection

A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-qianfoxn/a
Product-foxcmsFoxCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-12789
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.55%
||
7 Day CHG+0.05%
Published-19 Dec, 2024 | 16:31
Updated-10 Jan, 2025 | 21:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PbootCMS IndexController.php code injection

A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2.4 is able to address this issue. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-pbootcmsn/a
Product-pbootcmsPbootCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-0738
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.21% / 43.06%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 21:31
Updated-12 Sep, 2024 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
个人开源 mldong DecisionModel.java ExpressionEngine code injection

A vulnerability, which was classified as critical, has been found in 个人开源 mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251561 was assigned to this vulnerability.

Action-Not Available
Vendor-garethhk个人开源
Product-mldongmldong
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-0917
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-9.4||CRITICAL
EPSS-2.38% / 84.39%
||
7 Day CHG~0.00%
Published-07 Mar, 2024 | 08:24
Updated-13 Feb, 2025 | 17:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

remote code execution in paddlepaddle/paddle 2.6.0

Action-Not Available
Vendor-paddlepaddlepaddlepaddlepaddlepaddle
Product-paddlepaddlepaddlepaddle/paddlepaddle
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-36708
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-90.49% / 99.59%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 01:51
Updated-28 Dec, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4. This is due to epsilon_framework_ajax_action. This makes it possible for unauthenticated attackers to call functions and achieve remote code execution.

Action-Not Available
Vendor-cpothemescolorlibmachothemeswpchillmachothemessilkalns
Product-pixova_liteilldybonkerstranscendbrillianceactivellonewspaper_xnaturemag_liteshapelyantreassparklinkgallegiantnewsmagaffluentregina_litemedzone_liteRegina LiteBonkersAffluentNewspaper XActivelloShapelySparklingIlldyAntreasPixova LiteNewsMagTranscendNatureMag LiteAllegiantBrillianceMedZone Lite
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-13346
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-23.69% / 95.78%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 06:58
Updated-24 Feb, 2025 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avada Theme <= 7.11.13 - Unauthenticated Arbitrary Shortcode Execution

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-Avada (ThemeFusion)
Product-avadaAvada | Website Builder For WordPress & WooCommerce
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-25759
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-9.9||CRITICAL
EPSS-1.65% / 81.29%
||
7 Day CHG~0.00%
Published-22 Jul, 2022 | 20:00
Updated-16 Sep, 2024 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Injection

The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload.

Action-Not Available
Vendor-convert-svg-core_projectn/a
Product-convert-svg-coreconvert-svg-core
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2014-6287
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-94.31% / 99.94%
||
7 Day CHG~0.00%
Published-07 Oct, 2014 | 10:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action.

Action-Not Available
Vendor-rejetton/aRejetto
Product-http_file_servern/aHTTP File Server (HFS)
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-13345
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-0.24% / 46.85%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 06:58
Updated-14 Apr, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Avada Builder <= 3.11.13 - Unauthenticated Arbitrary Shortcode Execution

The Avada Builder plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-Avada (ThemeFusion)
Product-avada_builderAvada (Fusion) Builder
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-10035
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Matching Score-4
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-9.2||CRITICAL
EPSS-0.78% / 72.70%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 11:48
Updated-08 Nov, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection in BG-TEK's CoslatV3

Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069. NOTE: The vendor was contacted and it was learned that the product is not supported.

Action-Not Available
Vendor-bg-tekBG-TEK Informatics Security Technologiesbg-tek
Product-coslatCoslatV3coslatv3_firmware
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6899
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.3||MEDIUM
EPSS-0.06% / 18.14%
||
7 Day CHG~0.00%
Published-17 Dec, 2023 | 12:31
Updated-21 Nov, 2024 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
rmountjoy92 DashMachine Config save_config code injection

A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Affected by this vulnerability is an unknown functionality of the file /settings/save_config of the component Config Handler. The manipulation of the argument value_template leads to code injection. The exploit has been disclosed to the public and may be used. The identifier VDB-248257 was assigned to this vulnerability.

Action-Not Available
Vendor-rmountjoy92rmountjoy92
Product-dashmachineDashMachine
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-11613
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-69.73% / 98.60%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 06:41
Updated-17 Apr, 2025 | 02:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress File Upload <= 4.24.15 - Unauthenticated Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. This is due to lack of proper sanitization of the 'source' parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server.

Action-Not Available
Vendor-iptanusnickboss
Product-wordpress_file_uploadWordPress File Upload
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-35131
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-83.82% / 99.25%
||
7 Day CHG~0.00%
Published-08 Jan, 2021 | 16:09
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI.

Action-Not Available
Vendor-n/aAgentejo
Product-cockpitn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-35339
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.02% / 93.82%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 14:32
Updated-04 Aug, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.

Action-Not Available
Vendor-74cmsn/a
Product-74cmsn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2024-12252
Matching Score-4
Assigner-Wordfence
ShareView Details
Matching Score-4
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-32.64% / 96.71%
||
7 Day CHG~0.00%
Published-07 Jan, 2025 | 04:22
Updated-07 Jan, 2025 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SEO LAT Auto Post <= 2.2.1 - Missing Authorization to File Overwrite/Upload (Remote Code Execution)

The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remote_update AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can be leveraged to achieve remote code execution.

Action-Not Available
Vendor-seobeginner
Product-SEO LAT Auto Post
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6851
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.24% / 46.93%
||
7 Day CHG~0.00%
Published-16 Dec, 2023 | 11:00
Updated-02 Aug, 2024 | 08:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
kalcaddle KodExplorer ZIP Archive app.php unzipList code injection

A vulnerability was found in kalcaddle KodExplorer up to 4.51.03. It has been rated as critical. This issue affects the function unzipList of the file plugins/zipView/app.php of the component ZIP Archive Handler. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.52.01 is able to address this issue. The patch is named 5cf233f7556b442100cf67b5e92d57ceabb126c6. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-248219.

Action-Not Available
Vendor-kodcloudkalcaddle
Product-kodexplorerKodExplorer
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6886
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 17.63%
||
7 Day CHG~0.00%
Published-17 Dec, 2023 | 00:00
Updated-02 Aug, 2024 | 08:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
xnx3 wangmarket Role Management Page code injection

A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-wang.marketxnx3
Product-wangmarketwangmarket
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6188
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.12% / 31.49%
||
7 Day CHG~0.00%
Published-17 Nov, 2023 | 17:31
Updated-04 Sep, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GetSimpleCMS theme-edit.php code injection

A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been rated as critical. This issue affects some unknown processing of the file /admin/theme-edit.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-245735.

Action-Not Available
Vendor-get-simplen/a
Product-getsimplecmsGetSimpleCMS
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2006-7105
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-03 Mar, 2007 | 21:00
Updated-17 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original disclosure, filename is used in a function definition, so this report is probably incorrect

Action-Not Available
Vendor-smartyn/a
Product-smartyn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6395
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.41% / 60.71%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 14:33
Updated-13 Feb, 2025 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mock: privilege escalation for users that can access mock configuration

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.

Action-Not Available
Vendor-rpm-software-managementn/aRed Hat, Inc.Fedora Project
Product-mockextra_packages_for_enterprise_linuxfedoraRed Hat Enterprise Linux 6Extra Packages for Enterprise LinuxmockFedora
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6248
Matching Score-4
Assigner-Automotive Security Research Group (ASRG)
ShareView Details
Matching Score-4
Assigner-Automotive Security Research Group (ASRG)
CVSS Score-10||CRITICAL
EPSS-3.21% / 86.53%
||
7 Day CHG~0.00%
Published-21 Nov, 2023 | 21:49
Updated-17 Oct, 2024 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Data leakage and arbitrary remote code execution in Syrus cloud devices

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 device connected to the cloud service. The MQTT server also leaks the location, video and diagnostic data from each connected device. An attacker who knows the IP address of the server is able to connect and perform the following operations: * Get location data of the vehicle the device is connected to * Send CAN bus messages via the ECU module ( https://syrus.digitalcomtech.com/docs/ecu-1 https://syrus.digitalcomtech.com/docs/ecu-1 ) * Immobilize the vehicle via the safe-immobilizer module ( https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization https://syrus.digitalcomtech.com/docs/system-tools#safe-immobilization ) * Get live video through the connected video camera * Send audio messages to the driver ( https://syrus.digitalcomtech.com/docs/system-tools#apx-tts https://syrus.digitalcomtech.com/docs/system-tools#apx-tts )

Action-Not Available
Vendor-digitalcomtechDigital Communications Technologiesdigitalcomtech
Product-syrus_4g_iot_telematics_gatewaysyrus_4g_iot_telematics_gateway_firmwareSyrus4 IoT Telematics Gatewaysyrus_4g_iot_telematics_gateway_firmware
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2023-5604
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-9.8||CRITICAL
EPSS-5.46% / 89.82%
||
7 Day CHG~0.00%
Published-27 Nov, 2023 | 16:22
Updated-05 Jun, 2025 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Asgaros Forum < 2.7.1 - Unauthenticated Arbitrary File Upload

The Asgaros Forum WordPress plugin before 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execution.

Action-Not Available
Vendor-asgarosUnknownasgaros
Product-asgaros_forumAsgaros Forumasgaros_forum
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6126
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-4.3||MEDIUM
EPSS-0.14% / 35.02%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 15:51
Updated-08 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection in salesagility/suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

Action-Not Available
Vendor-SalesAgility Ltd.
Product-suitecrmsalesagility/suitecrm
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-6016
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-10||CRITICAL
EPSS-73.65% / 98.76%
||
7 Day CHG~0.00%
Published-16 Nov, 2023 | 16:06
Updated-02 Aug, 2024 | 08:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
H2O Remote Code Execution via POJO Model Import

An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature.

Action-Not Available
Vendor-h2oh2oai
Product-h2oh2oai/h2o-3
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-28870
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.47% / 80.12%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 00:19
Updated-04 Aug, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to lack of validations in /modules/sys/form_personalization/json_fp.php.

Action-Not Available
Vendor-inoideasn/a
Product-inoerpn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2020-28464
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 63.71%
||
7 Day CHG~0.00%
Published-04 Jan, 2021 | 11:50
Updated-17 Sep, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Code Execution (RCE)

This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.

Action-Not Available
Vendor-djv_projectn/a
Product-djvdjv
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2023-46480
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.54% / 80.66%
||
7 Day CHG~0.00%
Published-27 Nov, 2023 | 00:00
Updated-05 Jun, 2025 | 14:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.

Action-Not Available
Vendor-owncast_projectn/aowncast_project
Product-owncastn/aowncast
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2023-5550
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-6.5||MEDIUM
EPSS-1.03% / 76.39%
||
7 Day CHG~0.00%
Published-09 Nov, 2023 | 19:38
Updated-02 Aug, 2024 | 07:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Moodle: rce due to lfi risk in some misconfigured shared hosting environments

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.

Action-Not Available
Vendor-Moodle Pty LtdFedora Project
Product-extra_packages_for_enterprise_linuxfedoramoodlemoodle
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-24881
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-4.70% / 88.94%
||
7 Day CHG~0.00%
Published-26 Apr, 2022 | 16:06
Updated-22 Apr, 2025 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command Injection in Ballcat Codegen

Ballcat Codegen provides the function of online editing code to generate templates. In versions prior to 1.0.0.beta.2, attackers can implement remote code execution through malicious code injection of the template engine. This happens because Velocity and freemarker templates are introduced but input verification is not done. The fault is rectified in version 1.0.0.beta.2.

Action-Not Available
Vendor-ballcatballcat-projects
Product-codegenballcat-codegen
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 13
  • 14
  • Next
Details not found