CWE-94

Improper Control of Generation of Code ('Code Injection')

BaseDraftLikelihood: Medium

Description

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Hierarchy (View 1000)

Parents

Children

Related attack patterns (CAPEC)

CAPEC-242 · CAPEC-35 · CAPEC-77

CVEs mapped to this weakness (4,559)

page 209 of 228

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2012-0693	Whmcs Whmcompletesolution	—	0.00	Jan 14, 2012	submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary code into a subject field via crafted ticket data, a different vulnerability than CVE-2011-5061. NOTE: the vendor disputes this issue, noting that some of the details overlap…
CVE-2011-5061	Whmcs Whmcompletesolution	—	0.02	Jan 14, 2012	functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.
CVE-2012-0310	Cogentdatahub Cogent Datahub	—	0.01	Jan 13, 2012	CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2011-4787	Microfocus Easy Printer Care Software	—	0.01	Jan 12, 2012	A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and…
CVE-2011-5021	Phpids Phpids	—	0.00	Dec 29, 2011	PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified vectors.
CVE-2011-1392	IBM Rational Rhapsody	—	0.02	Dec 23, 2011	The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker…
CVE-2011-1391	IBM Rational Rhapsody	—	0.02	Dec 23, 2011	The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via…
CVE-2011-1388	IBM Rational Rhapsody	—	0.02	Dec 23, 2011	The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute…
CVE-2011-4203	Moodle Moodle	—	0.00	Dec 22, 2011	CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving…
CVE-2011-4201	Restorepoint Restorepoint	—	0.01	Dec 13, 2011	remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) pid1 or (2) pid2 parameter in a stop_remote_support action.
CVE-2011-4668	IBM Tivoli Netcool\/reporter	—	0.04	Dec 2, 2011	IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
CVE-2011-4646	Lesterchan Wp Postratings (wordpress Plugin)	—	0.00	Nov 30, 2011	SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode…
CVE-2011-3828	Sunplus Tech Dvr Remote Activex Control	—	0.02	Nov 26, 2011	DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote attackers to execute arbitrary code via a crafted DVRobot.dll file in a manifest directory on a web server.
CVE-2011-4260	RealNetworks Realplayer	—	0.02	Nov 24, 2011	RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.
CVE-2011-4258	RealNetworks Realplayer	—	0.02	Nov 24, 2011	RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
CVE-2011-4257	RealNetworks Realplayer	—	0.02	Nov 24, 2011	The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.
CVE-2011-4256	RealNetworks Realplayer	—	0.05	Nov 24, 2011	The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-4254	RealNetworks Realplayer	—	0.05	Nov 24, 2011	RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
CVE-2011-4252	RealNetworks Realplayer	—	0.02	Nov 24, 2011	The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.
CVE-2011-4251	RealNetworks Realplayer	—	0.02	Nov 24, 2011	RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file.

CVE-2012-0693Jan 14, 2012
Whmcs
Whmcompletesolution
risk 0.00cvss —epss 0.00
submitticket.php in WHMCompleteSolution (WHMCS) 5.03 allows remote attackers to inject arbitrary code into a subject field via crafted ticket data, a different vulnerability than CVE-2011-5061. NOTE: the vendor disputes this issue, noting that some of the details overlap…
CVE-2011-5061Jan 14, 2012
Whmcs
Whmcompletesolution
risk 0.00cvss —epss 0.02
functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger arbitrary code execution in the Smarty templating system by submitting a crafted ticket, related to improper handling of characters in the subject field.
CVE-2012-0310Jan 13, 2012
Cogentdatahub
Cogent Datahub
risk 0.00cvss —epss 0.01
CRLF injection vulnerability in Cogent DataHub 7.1.2 and earlier, Cascade DataHub 6.4.20 and earlier, and OPC DataHub 6.4.20 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2011-4787Jan 12, 2012
Microfocus
Easy Printer Care Software
risk 0.00cvss —epss 0.01
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and…
CVE-2011-5021Dec 29, 2011
Phpids
Phpids
risk 0.00cvss —epss 0.00
PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified vectors.
CVE-2011-1392Dec 23, 2011
IBM
Rational Rhapsody
risk 0.00cvss —epss 0.02
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) InsertSoundToFBRAtMarker…
CVE-2011-1391Dec 23, 2011
IBM
Rational Rhapsody
risk 0.00cvss —epss 0.02
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the InsertMarker method, which allows remote attackers to execute arbitrary code via…
CVE-2011-1388Dec 23, 2011
IBM
Rational Rhapsody
risk 0.00cvss —epss 0.02
The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the TestCompatibilityRecordMode method, which allows remote attackers to execute…
CVE-2011-4203Dec 22, 2011
Moodle
Moodle
risk 0.00cvss —epss 0.00
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors involving…
CVE-2011-4201Dec 13, 2011
Restorepoint
Restorepoint
risk 0.00cvss —epss 0.01
remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) pid1 or (2) pid2 parameter in a stop_remote_support action.
CVE-2011-4668Dec 2, 2011
IBM
Tivoli Netcool\/reporter
risk 0.00cvss —epss 0.04
IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server.
CVE-2011-4646Nov 30, 2011
Lesterchan
Wp Postratings (wordpress Plugin)
risk 0.00cvss —epss 0.00
SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode…
CVE-2011-3828Nov 26, 2011
Sunplus Tech
Dvr Remote Activex Control
risk 0.00cvss —epss 0.02
DVRemoteAx.ax 2.1.0.39 in the DVR Remote ActiveX control allows remote attackers to execute arbitrary code via a crafted DVRobot.dll file in a manifest directory on a web server.
CVE-2011-4260Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.02
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.
CVE-2011-4258Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.02
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted length of an MLTI chunk in an IVR file.
CVE-2011-4257Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.02
The Cook codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via crafted channel data.
CVE-2011-4256Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.05
The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2011-4254Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.05
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.
CVE-2011-4252Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.02
The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height.
CVE-2011-4251Nov 24, 2011
RealNetworks
Realplayer
risk 0.00cvss —epss 0.02
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted sample size in a RealAudio file.