CWE-94
Improper Control of Generation of Code ('Code Injection')
Description
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-242 · CAPEC-35 · CAPEC-77
CVEs mapped to this weakness (4,701)
page 234 of 236| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-1890 | 0.00 | — | 0.04 | Apr 20, 2006 | Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. NOTE: vector 2 was later reported to affect 1.4 as well. | |||
| CVE-2006-1636 | 0.00 | — | 0.02 | Apr 6, 2006 | PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503. | |||
| CVE-2006-1503 | 0.00 | — | 0.02 | Mar 30, 2006 | PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than… | |||
| CVE-2006-1251 | 0.00 | — | 0.01 | Mar 19, 2006 | Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm… | |||
| CVE-2006-0397 | 0.00 | — | 0.02 | Mar 14, 2006 | Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is… | |||
| CVE-2006-0398 | 0.00 | — | 0.02 | Mar 14, 2006 | Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is… | |||
| CVE-2006-0399 | 0.00 | — | 0.02 | Mar 14, 2006 | Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is… | |||
| CVE-2006-1154 | 0.00 | — | 0.03 | Mar 10, 2006 | PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable. | |||
| CVE-2006-0388 | 0.00 | — | 0.01 | Mar 3, 2006 | Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources. | |||
| CVE-2006-0945 | 0.00 | — | 0.01 | Mar 1, 2006 | PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter. | |||
| CVE-2006-0854 | 0.00 | — | 0.02 | Feb 23, 2006 | PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the include_path variable, which is not initialized before being used. | |||
| CVE-2006-0723 | 0.00 | — | 0.02 | Feb 16, 2006 | PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the php_script_path parameter. | |||
| CVE-2006-0332 | 0.00 | — | 0.01 | Jan 21, 2006 | Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible directory, which may allow remote attackers to upload arbitrary files. | |||
| CVE-2006-0236 | 0.00 | — | 0.02 | Jan 18, 2006 | GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by… | |||
| CVE-2006-0207 | 0.00 | — | 0.04 | Jan 13, 2006 | Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function. | |||
| CVE-2006-0144 | 0.00 | — | 0.02 | Jan 9, 2006 | The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function. | |||
| CVE-2006-0094 | 0.00 | — | 0.01 | Jan 5, 2006 | PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_stat parameter, a different vulnerability than CVE-2006-0076. NOTE: the provenance of this information is unknown; the details are… | |||
| CVE-2005-4874 | 0.00 | — | 0.01 | Dec 31, 2005 | The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object. | |||
| CVE-2005-3835 | 0.00 | — | 0.02 | Nov 26, 2005 | PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the main parameter. | |||
| CVE-2005-3775 | 0.00 | — | 0.02 | Nov 23, 2005 | PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter. |
- CVE-2006-1890Apr 20, 2006risk 0.00cvss —epss 0.04
Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. NOTE: vector 2 was later reported to affect 1.4 as well.
- CVE-2006-1636Apr 6, 2006risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503.
- CVE-2006-1503Mar 30, 2006risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than…
- CVE-2006-1251Mar 19, 2006risk 0.00cvss —epss 0.01
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm…
- CVE-2006-0397Mar 14, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is…
- CVE-2006-0398Mar 14, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is…
- CVE-2006-0399Mar 14, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is…
- CVE-2006-1154Mar 10, 2006risk 0.00cvss —epss 0.03
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.
- CVE-2006-0388Mar 3, 2006risk 0.00cvss —epss 0.01
Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.
- CVE-2006-0945Mar 1, 2006risk 0.00cvss —epss 0.01
PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter.
- CVE-2006-0854Feb 23, 2006risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the include_path variable, which is not initialized before being used.
- CVE-2006-0723Feb 16, 2006risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the php_script_path parameter.
- CVE-2006-0332Jan 21, 2006risk 0.00cvss —epss 0.01
Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible directory, which may allow remote attackers to upload arbitrary files.
- CVE-2006-0236Jan 18, 2006risk 0.00cvss —epss 0.02
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous extension that is not displayed by…
- CVE-2006-0207Jan 13, 2006risk 0.00cvss —epss 0.04
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function.
- CVE-2006-0144Jan 9, 2006risk 0.00cvss —epss 0.02
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
- CVE-2006-0094Jan 5, 2006risk 0.00cvss —epss 0.01
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_stat parameter, a different vulnerability than CVE-2006-0076. NOTE: the provenance of this information is unknown; the details are…
- CVE-2005-4874Dec 31, 2005risk 0.00cvss —epss 0.01
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web server that hosts this object.
- CVE-2005-3835Nov 26, 2005risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the main parameter.
- CVE-2005-3775Nov 23, 2005risk 0.00cvss —epss 0.02
PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter.