VYPR

CWE-94

Improper Control of Generation of Code ('Code Injection')

Base · Draft · Likelihood: Medium

Description

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-242 · CAPEC-35 · CAPEC-77

CVEs mapped to this weakness (4,701)

page 27 of 236
  • CVE-2017-2968 · Critical · Feb 15, 2017
    risk 0.59 · cvss 9.1 · epss 0.03

    Adobe Campaign versions 16.4 Build 8724 and earlier have a code injection vulnerability.

  • CVE-2015-8761 · Critical · Jan 8, 2016
    risk 0.59 · cvss 9.0 · epss 0.01

    The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the "Import value sets" permission to execute arbitrary PHP code via the exported values list in a ctools import.

  • CVE-2012-0175 · High · Jul 10, 2012
    risk 0.59 · cvss 8.8 · epss 0.26

    The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) directory, aka "Command…

  • CVE-2026-45132 · Critical · Jun 1, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and SSH signing key) to fork-controlled code due to unsafe checkout and credential…

  • CVE-2026-45131 · Critical · Jun 1, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (pull-request.yaml) executes attacker-controlled code from fork pull requests in a privileged context, exposing repository secrets including Docker Hub…

  • CVE-2026-43898 · Critical · May 28, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6, sandbox-defined functions expose Function.caller, allowing sandboxed code to recover the internal LispType.Call runtime callback. That callback can then be invoked with attacker-controlled fake context and obj values…

  • CVE-2026-44262 · Critical · May 12, 2026
    risk 0.58 · cvss 9.4 · epss 0.06

    Scramble generates API documentation for Laravel projects. From 0.13.2 to before 0.13.22, when documentation endpoints are publicly accessible and validation rules reference user-controlled input, request-supplied data may be evaluated during documentation generation, leading to…

  • CVE-2026-42298 · Critical · May 8, 2026
    risk 0.58 · cvss 10.0 · epss 0.01

    Postiz is an AI social media scheduling tool. Prior to commit da44801, a "Pwn Request" vulnerability in the Build and Publish PR Docker Image workflow (.github/workflows/pr-docker-build.yml) allows any unauthenticated user to execute arbitrary code during the Docker build…

  • CVE-2026-41196 · Critical · Apr 23, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device.…

  • CVE-2026-40911 · Critical · Apr 21, 2026
    risk 0.58 · cvss 10.0 · epss 0.01

    WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies to every connected client without sanitizing the `msg` or `callback` fields. On the client side,…

  • CVE-2026-39337 · Critical · Apr 7, 2026
    risk 0.58 · cvss 10.0 · epss 0.01

    ChurchCRM is an open-source church management system. Prior to 7.1.0, a critical pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard allows unauthenticated attackers to inject arbitrary PHP code during the initial installation process, leading to…

  • CVE-2026-28505 · Critical · Mar 30, 2026
    risk 0.58 · cvss 10.0 · epss 0.00

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the str_eval() function in notification_handler.py implements a sandboxed eval() for notification text templates. The sandbox attempts to restrict callable names by inspecting…

  • CVE-2025-65108 · Critical · Nov 21, 2025
    risk 0.58 · cvss 10.0 · epss 0.01

    md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prior to version 5.2.5, a Markdown front-matter block that contains a JavaScript delimiter causes the JS engine in the gray-matter library to execute arbitrary code in the Markdown to PDF…

  • CVE-2010-20120 · High · Aug 21, 2025
    risk 0.58 · cvss n/a · epss 0.00

    The Maplet framework in Maple versions up to and including 13 allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses the standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability…

  • CVE-2013-10057 · High · Aug 1, 2025
    risk 0.58 · cvss n/a · epss 0.01

    A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy…

  • CVE-2025-1302 · Critical · Feb 15, 2025
    risk 0.58 · cvss 9.8 · epss 0.11

    Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. **Note:** This is caused by…

  • CVE-2024-10771 · High · Dec 6, 2024
    risk 0.58 · cvss 8.8 · epss 0.01

    Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level "Service", an attacker can execute arbitrary system commands in the root user's context.

  • CVE-2024-37779 · High · Sep 23, 2024
    risk 0.58 · cvss 8.8 · epss 0.01

    WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality.

  • CVE-2024-42845 · High · Aug 23, 2024
    risk 0.58 · cvss 8.0 · epss 0.03

    An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.

  • CVE-2024-6726 · High · Jul 29, 2024
    risk 0.58 · cvss 8.8 · epss 0.01

    Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code Execution (RCE).