VYPR

CWE-94

Improper Control of Generation of Code ('Code Injection')

BaseDraftLikelihood: Medium

Description

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-242 · CAPEC-35 · CAPEC-77

CVEs mapped to this weakness (4,701)

page 4 of 236
  • CVE-2008-1511CriMar 25, 2008
    risk 0.67cvss 9.8epss 0.03

    Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the PathToComment parameter for (1) classes/class_admin.php and (2) classes/class_comments.php. NOTE: the provenance of this information is…

  • CVE-2006-5021CriSep 27, 2006
    risk 0.67cvss 9.8epss 0.03

    Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root parameter in imgen.php, and the root_path parameter in (2) admin/config.php, (3) common.php, and (4) admin/index.php. NOTE:…

  • CVE-2026-29014CriApr 1, 2026
    risk 0.66cvss 9.8epss 0.40

    MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution…

  • CVE-2025-13486CriDec 3, 2025
    risk 0.66cvss 9.8epss 0.74

    The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accepting user input and then passing that through call_user_func_array(). This makes…

  • CVE-2025-41243CriSep 16, 2025
    risk 0.66cvss 10.0epss 0.03

    Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: * The application is using Spring Cloud Gateway Server Webflux (Spring Cloud Gateway Server…

  • CVE-2024-11635CriJan 8, 2025
    risk 0.66cvss 9.8epss 0.01

    The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server.

  • CVE-2024-33644CriMay 17, 2024
    risk 0.66cvss 9.9epss 0.01

    Improper Control of Generation of Code ('Code Injection') vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9.

  • CVE-2021-4434CriJan 17, 2024
    risk 0.66cvss 10.0epss 0.02

    The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows attackers to execute code on the server.

  • CVE-2023-47840CriDec 29, 2023
    risk 0.66cvss 9.9epss 0.01

    Improper Control of Generation of Code ('Code Injection') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2.

  • CVE-2017-7411HigOct 30, 2017
    risk 0.66cvss 8.8epss 0.67

    An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is using the unserialize() function with a preference value that can be arbitrarily manipulated by malicious users through the REST API…

  • CVE-2016-5734CriJul 3, 2016
    risk 0.66cvss 9.8epss 0.81

    phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated…

  • CVE-2016-1985CriJan 30, 2016
    risk 0.66cvss 10.0epss 0.07

    HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

  • CVE-2009-2512CriNov 11, 2009
    risk 0.66cvss 9.8epss 0.31

    The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2) response, aka "Web Services…

  • CVE-2026-48836CriJun 15, 2026
    risk 0.65cvss 10.0epss 0.01

    Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.

  • CVE-2026-52704CriJun 15, 2026
    risk 0.65cvss 10.0epss 0.00

    Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8.

  • CVE-2026-45829CriMay 18, 2026
    risk 0.65cvss epss 0.12

    A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in…

  • CVE-2026-44006CriMay 13, 2026
    risk 0.65cvss 10.0epss 0.01

    vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes. This vulnerability is fixed in 3.11.0.

  • CVE-2026-44005CriMay 13, 2026
    risk 0.65cvss 10.0epss 0.01

    vm2 is an open source vm/sandbox for Node.js. From 3.9.6 to 3.10.5, vm2's bridge exposes mutable proxies for real host-realm intrinsic prototypes and then forwards sandbox writes into the underlying host objects with otherReflectSet() and otherReflectDefineProperty(), which lets…

  • CVE-2026-43997CriMay 13, 2026
    risk 0.65cvss 10.0epss 0.01

    vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is possible to obtain the host Object. There are various ways to use the host Object, to escape the sandbox, one example would be using HostObject.getOwnPropertySymbols to obtain…

  • CVE-2026-42288CriMay 12, 2026
    risk 0.65cvss 10.0epss 0.01

    ChurchCRM is an open-source church management system. Prior to 7.3.2, The fix for CVE-2026-39337 is incomplete. The pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard via unsanitized DB_PASSWORD remains fully exploitable This vulnerability is…