VYPR

CWE-94

Improper Control of Generation of Code ('Code Injection')

BaseDraftLikelihood: Medium

Description

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-242 · CAPEC-35 · CAPEC-77

CVEs mapped to this weakness (3,775)

page 160 of 189
  • CVE-2014-6433Oct 7, 2014
    risk 0.00cvss epss 0.02

    gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via a the (1) a1 or (2) a2 parameter in a start action.

  • CVE-2014-3399Oct 7, 2014
    risk 0.00cvss epss 0.00

    The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208.

  • CVE-2014-4043Oct 6, 2014
    risk 0.00cvss epss 0.02

    The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.

  • CVE-2014-6298Oct 3, 2014
    risk 0.00cvss epss 0.02

    Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.

  • CVE-2014-3947Oct 3, 2014
    risk 0.00cvss epss 0.02

    Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors.

  • CVE-2012-5495Sep 30, 2014
    risk 0.00cvss epss 0.01

    python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "go_back."

  • CVE-2012-5493Sep 30, 2014
    risk 0.00cvss epss 0.00

    gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.

  • CVE-2012-5488Sep 30, 2014
    risk 0.00cvss epss 0.01

    python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.

  • CVE-2012-5485Sep 30, 2014
    risk 0.00cvss epss 0.01

    registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

  • CVE-2014-2639Sep 28, 2014
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors.

  • CVE-2014-5324Sep 26, 2014
    risk 0.00cvss epss 0.00

    Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for WordPress allows remote authenticated users to execute arbitrary PHP code by leveraging Author privileges to store a file.

  • CVE-2014-3910Sep 5, 2014
    risk 0.00cvss epss 0.00

    Emurasoft EmFTP allows local users to gain privileges via a Trojan horse executable file that is launched during an attempt to read a similarly named file that lacks a filename extension.

  • CVE-2014-2378Sep 5, 2014
    risk 0.00cvss epss 0.00

    Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update.

  • CVE-2014-5340Sep 2, 2014
    risk 0.00cvss epss 0.03

    The wato component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to an automation URL.

  • CVE-2014-0485Sep 2, 2014
    risk 0.00cvss epss 0.02

    S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

  • CVE-2014-5261Aug 22, 2014
    risk 0.00cvss epss 0.01

    The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php.

  • CVE-2014-4767Aug 22, 2014
    risk 0.00cvss epss 0.01

    IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.3 does not properly use the Liberty Repository for feature installation, which allows remote authenticated users to execute arbitrary code via unspecified vectors.

  • CVE-2014-5158Aug 21, 2014
    risk 0.00cvss epss 0.05

    The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary commands via unspecified vectors.

  • CVE-2014-3429Aug 7, 2014
    risk 0.00cvss epss 0.02

    IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.

  • CVE-2013-7394Aug 7, 2014
    risk 0.00cvss epss 0.01

    The "runshellscript echo.sh" script in Splunk before 5.0.5 allows remote authenticated users to execute arbitrary commands via a crafted string. NOTE: this issue was SPLIT from CVE-2013-6771 per ADT2 due to different vulnerability types.