CWE-94
Improper Control of Generation of Code ('Code Injection')
Abstraction: Base · Status: Draft · Likelihood of Exploit: Medium
Description
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
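A worked illustration of the weakness, added here as an example and not taken from any product in the CVE table below: a Python expression evaluator that hands a user-controlled string to eval() (the pattern the ComfyUI entries cite) beside a hardened version that parses the same string with the ast module and interprets only an allow-listed arithmetic grammar, so the input can never become code. Function names, the sample expressions and the length and exponent limits are assumptions.

```python
"""Added example for CWE-94 (not code from any project on this page).

vulnerable_eval() is the eval()-on-user-input pattern; safe_eval() parses the
same input with the ast module and interprets only arithmetic nodes, so the
input can never become code.  Names, sample inputs and limits are assumptions.
"""
import ast
import operator
import os

# Constructed sample inputs: a legitimate expression and an attacker-controlled
# one.  The hostile string is a harmless stand-in for arbitrary code.
LEGIT_EXPR = "2 * x + 1"
HOSTILE_EXPR = "__import__('os').getpid()"


def vulnerable_eval(expr: str, variables: dict) -> object:
    """CWE-94: the untrusted string is compiled and run as Python.

    An empty globals dict does not help: CPython inserts __builtins__ into it,
    so __import__ is available to the attacker's expression.
    """
    return eval(expr, {}, dict(variables))


def attacker_code_ran() -> bool:
    """True when vulnerable_eval() executed HOSTILE_EXPR inside this process."""
    return vulnerable_eval(HOSTILE_EXPR, {}) == os.getpid()


# --- hardened version: parse, then interpret an allow-listed grammar ---------

_BIN_OPS = {
    ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
    ast.Div: operator.truediv, ast.Mod: operator.mod, ast.Pow: operator.pow,
}
_UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}
_MAX_LEN = 200       # assumed limit: bounds parser work on hostile input
_MAX_EXPONENT = 64   # assumed limit: keeps 9**9**9-style CPU/memory DoS out


def safe_eval(expr: str, variables: dict):
    """Evaluate an arithmetic expression over numeric variables.

    Anything that is not a numeric literal, a known variable name, or one of
    the operators above is rejected with ValueError before it is evaluated;
    names are looked up in `variables`, never in Python's namespace.
    """
    if len(expr) > _MAX_LEN:
        raise ValueError("expression too long")
    try:
        tree = ast.parse(expr, mode="eval")
    except SyntaxError as exc:
        raise ValueError(f"syntax error: {exc.msg}") from None
    try:
        return _interpret(tree.body, variables)
    except (ZeroDivisionError, OverflowError) as exc:
        raise ValueError(f"arithmetic error: {exc}") from None


def _interpret(node: ast.AST, variables: dict):
    if isinstance(node, ast.Constant):
        if isinstance(node.value, (int, float)) and not isinstance(node.value, bool):
            return node.value
        raise ValueError("only numeric literals are allowed")
    if isinstance(node, ast.Name):
        if node.id not in variables:
            raise ValueError(f"unknown variable {node.id!r}")
        value = variables[node.id]
        if not isinstance(value, (int, float)):
            raise ValueError(f"variable {node.id!r} is not numeric")
        return value
    if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
        return _UNARY_OPS[type(node.op)](_interpret(node.operand, variables))
    if isinstance(node, ast.BinOp) and type(node.op) in _BIN_OPS:
        left = _interpret(node.left, variables)
        right = _interpret(node.right, variables)
        if isinstance(node.op, ast.Pow) and abs(right) > _MAX_EXPONENT:
            raise ValueError("exponent too large")
        return _BIN_OPS[type(node.op)](left, right)
    # Call, Attribute, Subscript, comprehensions, lambdas, f-strings, ...
    raise ValueError(f"disallowed syntax: {type(node).__name__}")


def safe_eval_rejects(expr: str) -> bool:
    """True when safe_eval() refuses `expr` instead of evaluating it."""
    try:
        safe_eval(expr, {})
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    print("vulnerable_eval ran attacker code:", attacker_code_ran())
    print("safe_eval(LEGIT_EXPR, x=3) =", safe_eval(LEGIT_EXPR, {"x": 3}))
    print("safe_eval rejects HOSTILE_EXPR:", safe_eval_rejects(HOSTILE_EXPR))
```

The design point is that the fix is not filtering the string (blocklisting `import`, stripping `__builtins__`, and similar tricks have well-known bypasses through object introspection) but never compiling the input as code at all: the parser produces a tree, and the interpreter walks only node types it explicitly allows. The length and exponent caps matter because an attacker who cannot inject code will next try to exhaust CPU or memory with a large but syntactically valid expression.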
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-242 · CAPEC-35 · CAPEC-77
CVEs mapped to this weakness (3,775)
Page 5 of 189

| CVE | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-34128 | High | 0.65 | — | 0.70 | | Jul 16, 2025 | A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process. |
| CVE-2025-42967 | Critical | 0.65 | 9.9 | 0.02 | | Jul 8, 2025 | SAP S/4HANA and SAP SCM Characteristic Propagation has a remote code execution vulnerability. This allows an attacker with user-level privileges to create a new report containing their own code, potentially gaining full control of the affected SAP system and causing high impact on the confidentiality, integrity, and availability of the application. |
| CVE-2025-49302 | Critical | 0.65 | 10.0 | 0.00 | | Jul 4, 2025 | Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy Stripe easy-stripe allows Remote Code Inclusion. This issue affects Easy Stripe: from n/a through 1.1. |
| CVE-2025-6512 | Critical | 0.65 | 10.0 | 0.00 | | Jun 23, 2025 | On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights. |
| CVE-2025-29902 | Critical | 0.65 | 10.0 | 0.02 | | Jun 13, 2025 | Remote code execution that allows unauthorized users to execute arbitrary code on the server machine. |
| CVE-2025-48123 | Critical | 0.65 | 10.0 | 0.00 | | Jun 9, 2025 | Improper Control of Generation of Code ('Code Injection') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Code Injection. This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through 2.4.37. |
| CVE-2025-30580 | Critical | 0.65 | 10.0 | 0.01 | | Apr 1, 2025 | Improper Control of Generation of Code ('Code Injection') vulnerability in kellydiek DigiWidgets Image Editor digiwidgets-image-editor allows Remote Code Inclusion. This issue affects DigiWidgets Image Editor: from n/a through 1.10. |
| CVE-2025-26936 | Critical | 0.65 | 10.0 | 0.00 | | Mar 10, 2025 | Improper Control of Generation of Code ('Code Injection') vulnerability in FRESHFACE Fresh Framework fresh-framework allows Code Injection. This issue affects Fresh Framework: from n/a through 1.70.0. |
| CVE-2025-26970 | Critical | 0.65 | 10.0 | 0.00 | | Mar 3, 2025 | Improper Control of Generation of Code ('Code Injection') vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection. This issue affects Ark Theme Core: from n/a before 1.71.0. |
| CVE-2024-53944 | Critical | 0.65 | 9.8 | 0.17 | | Feb 27, 2025 | An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. An unauthenticated remote attacker with network access can exploit a command injection vulnerability. The /goform/formJsonAjaxReq endpoint fails to sanitize shell metacharacters sent via JSON parameters, allowing attackers to execute arbitrary OS commands with root privileges. |
| CVE-2023-28354 | Critical | 0.65 | 9.8 | 0.15 | | Jan 9, 2025 | An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NRPE plugin execution. This allows the attacker to escape NRPE plugin execution and execute commands remotely on the target as NT_AUTHORITY\SYSTEM. |
| CVE-2024-21577 | Critical | 0.65 | 10.0 | 0.00 | | Dec 13, 2024 | ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server. |
| CVE-2024-21576 | Critical | 0.65 | 10.0 | 0.00 | | Dec 13, 2024 | ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the BuildColorRangeHSVAdvanced, FilterContour and FindContour custom nodes. In the entrypoint function of each node there is a call to eval() which can be triggered by generating a workflow that injects a crafted string into the node. This can result in executing arbitrary code on the server. |
| CVE-2024-52427 | Critical | 0.65 | 9.9 | 0.12 | | Nov 18, 2024 | Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection. This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11. |
| CVE-2024-49254 | Critical | 0.65 | 10.0 | 0.01 | | Oct 16, 2024 | Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend ajax-extend allows Code Injection. This issue affects ajax-extend: from n/a through 1.0. |
| CVE-2024-39714 | Critical | 0.65 | 9.9 | 0.03 | | Sep 7, 2024 | A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on the VSPC server. |
| CVE-2023-50029 | Critical | 0.65 | 10.0 | 0.01 | | Jun 24, 2024 | PHP injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method. |
| CVE-2024-36679 | Critical | 0.65 | 10.0 | 0.00 | | Jun 19, 2024 | In the module "Module Live Chat Pro (All in One Messaging)" (livechatpro) <= 8.4.0, a guest can perform PHP code injection. Due to a predictable token, the method `Lcp::saveTranslations()` suffers from an arbitrary write that can inject PHP code into a PHP file. |
| CVE-2024-32599 | Critical | 0.65 | 10.0 | 0.01 | | Apr 18, 2024 | Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak Anand WP Dummy Content Generator wp-dummy-content-generator. This issue affects WP Dummy Content Generator: from n/a through 3.2.1. |
| CVE-2024-25096 | Critical | 0.65 | 10.0 | 0.01 | | Apr 3, 2024 | Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection. This issue affects Canto: from n/a through 3.0.7. |