VYPR

CWE-94

Improper Control of Generation of Code ('Code Injection')

BaseDraftLikelihood: Medium

Description

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-242 · CAPEC-35 · CAPEC-77

CVEs mapped to this weakness (3,775)

page 159 of 189
  • CVE-2012-2301Nov 16, 2014
    risk 0.00cvss epss 0.01

    The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspecified vectors.

  • CVE-2014-2177Nov 7, 2014
    risk 0.00cvss epss 0.01

    The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote authenticated users to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCuh87126.

  • CVE-2014-8661Nov 6, 2014
    risk 0.00cvss epss 0.04

    The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors.

  • CVE-2014-8660Nov 6, 2014
    risk 0.00cvss epss 0.00

    SAP Document Management Services allows local users to execute arbitrary commands via unspecified vectors.

  • CVE-2013-6399Nov 4, 2014
    risk 0.00cvss epss 0.02

    Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.

  • CVE-2013-4537Nov 4, 2014
    risk 0.00cvss epss 0.02

    The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.

  • CVE-2013-4151Nov 4, 2014
    risk 0.00cvss epss 0.01

    The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

  • CVE-2014-8350Nov 3, 2014
    risk 0.00cvss epss 0.00

    Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "{literal}<{/literal}script language=php>" in a template.

  • CVE-2014-8081Oct 31, 2014
    risk 0.00cvss epss 0.03

    lib/execute/execSetResults.php in TestLink before 1.9.13 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the filter_result_result parameter.

  • CVE-2012-5580Oct 27, 2014
    risk 0.00cvss epss 0.01

    Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.

  • CVE-2003-1599Oct 27, 2014
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.

  • CVE-2014-2988Oct 27, 2014
    risk 0.00cvss epss 0.01

    EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbitrary PHP code via crafted callback values to the call_user_func PHP function, as demonstrated using the newsettings[system] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2987.

  • CVE-2010-4820Oct 27, 2014
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.

  • CVE-2014-8346Oct 24, 2014
    risk 0.00cvss epss 0.00

    The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.

  • CVE-2014-8313Oct 16, 2014
    risk 0.00cvss epss 0.01

    Eval injection in ide/core/base/server/net.xsjs in the Developer Workbench in SAP HANA allows remote attackers to execute arbitrary XSJX code via unspecified vectors.

  • CVE-2014-3666Oct 16, 2014
    risk 0.00cvss epss 0.01

    Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.

  • CVE-2014-3593Oct 15, 2014
    risk 0.00cvss epss 0.00

    Eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration.

  • CVE-2014-5297Oct 10, 2014
    risk 0.00cvss epss 0.01

    The actionSendErrorReport method in protected/controllers/SiteController.php in X2Engine 2.8 through 4.1.7 allows remote attackers to conduct PHP object injection and Server-Side Request Forgery (SSRF) attacks via crafted serialized data in the report parameter.

  • CVE-2014-7296Oct 8, 2014
    risk 0.00cvss epss 0.01

    The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set FEATURE_SECURE_PROCESSING, which allows remote authenticated users to execute arbitrary Java code via a crafted XSL document.

  • CVE-2014-3188Oct 8, 2014
    risk 0.00cvss epss 0.03

    Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h.