CWE-94
Improper Control of Generation of Code ('Code Injection')
Description
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-242 · CAPEC-35 · CAPEC-77
CVEs mapped to this weakness (4,701)
page 6 of 236| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21577 | — | Cri | 0.65 | 10.0 | 0.01 | Dec 13, 2024 | ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server. | |
| CVE-2024-21576 | Cri | 0.65 | 10.0 | 0.01 | Dec 13, 2024 | ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the BuildColorRangeHSVAdvanced, FilterContour and FindContour custom nodes. In the entrypoint function to each node, there’s a call to eval which can be triggered by generating a… | ||
| CVE-2024-52427 | Cri | 0.65 | 9.9 | 0.01 | Nov 18, 2024 | Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through <= 2.3.11. | ||
| CVE-2024-49254 | Cri | 0.65 | 10.0 | 0.01 | Oct 16, 2024 | Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend ajax-extend allows Code Injection.This issue affects ajax-extend: from n/a through <= 1.0. | ||
| CVE-2024-39714 | Cri | 0.65 | 9.9 | 0.01 | Sep 7, 2024 | A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server. | ||
| CVE-2023-50029 | Cri | 0.65 | 10.0 | 0.01 | Jun 24, 2024 | PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method. | ||
| CVE-2024-36679 | — | Cri | 0.65 | 10.0 | 0.01 | Jun 19, 2024 | In the module "Module Live Chat Pro (All in One Messaging)" (livechatpro) <=8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method `Lcp::saveTranslations()` suffer of a white writer that can inject PHP code into a PHP file. | |
| CVE-2024-32599 | Cri | 0.65 | 10.0 | 0.01 | Apr 18, 2024 | Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy Content Generator wp-dummy-content-generator.This issue affects WP Dummy Content Generator: from n/a through <= 3.2.1. | ||
| CVE-2024-25096 | Cri | 0.65 | 10.0 | 0.01 | Apr 3, 2024 | Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7. | ||
| CVE-2024-29276 | — | Cri | 0.65 | 9.8 | 0.33 | Apr 2, 2024 | An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component. | |
| CVE-2023-25054 | Cri | 0.65 | 10.0 | 0.01 | Dec 29, 2023 | Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6. | ||
| CVE-2023-5201 | Cri | 0.65 | 9.9 | 0.01 | Sep 30, 2023 | The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the [php]… | ||
| CVE-2018-11780 | Cri | 0.65 | 9.8 | 0.11 | Sep 17, 2018 | A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2. | ||
| CVE-2016-4391 | Cri | 0.65 | 9.8 | 0.20 | Aug 6, 2018 | A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0. | ||
| CVE-2017-6920 | Cri | 0.65 | 9.8 | 0.20 | Aug 6, 2018 | Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations. | ||
| CVE-2017-16082 | Cri | 0.65 | 9.8 | 0.11 | Jun 7, 2018 | A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a… | ||
| CVE-2013-6671 | Cri | 0.65 | 9.8 | 0.11 | Dec 11, 2013 | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| CVE-2006-3730 | Hig | 0.65 | 8.8 | 0.64 | Jul 21, 2006 | Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory… | ||
| CVE-2026-49774 | Cri | 0.64 | 9.9 | 0.00 | Jun 16, 2026 | Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0. | ||
| CVE-2026-50880 | Cri | 0.64 | 9.8 | 0.00 | Jun 15, 2026 | An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request. |
- risk 0.65cvss 10.0epss 0.01
ComfyUI-Ace-Nodes is vulnerable to Code Injection. The ACE_ExpressionEval node contains an eval() in its entrypoint function that accepts arbitrary user-controlled data. A user can create a workflow that results in executing arbitrary code on the server.
- risk 0.65cvss 10.0epss 0.01
ComfyUI-Bmad-Nodes is vulnerable to Code Injection. The issue stems from a validation bypass in the BuildColorRangeHSVAdvanced, FilterContour and FindContour custom nodes. In the entrypoint function to each node, there’s a call to eval which can be triggered by generating a…
- risk 0.65cvss 9.9epss 0.01
Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through <= 2.3.11.
- risk 0.65cvss 10.0epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend ajax-extend allows Code Injection.This issue affects ajax-extend: from n/a through <= 1.0.
- risk 0.65cvss 9.9epss 0.01
A code injection vulnerability that permits a low-privileged user to upload arbitrary files to the server, leading to remote code execution on VSPC server.
- risk 0.65cvss 10.0epss 0.01
PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method.
- risk 0.65cvss 10.0epss 0.01
In the module "Module Live Chat Pro (All in One Messaging)" (livechatpro) <=8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method `Lcp::saveTranslations()` suffer of a white writer that can inject PHP code into a PHP file.
- risk 0.65cvss 10.0epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy Content Generator wp-dummy-content-generator.This issue affects WP Dummy Content Generator: from n/a through <= 3.2.1.
- risk 0.65cvss 10.0epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7.
- risk 0.65cvss 9.8epss 0.33
An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component.
- risk 0.65cvss 10.0epss 0.01
Improper Control of Generation of Code ('Code Injection') vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6.
- risk 0.65cvss 9.9epss 0.01
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the [php]…
- risk 0.65cvss 9.8epss 0.11
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.
- risk 0.65cvss 9.8epss 0.20
A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0.
- risk 0.65cvss 9.8epss 0.20
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
- risk 0.65cvss 9.8epss 0.11
A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a…
- risk 0.65cvss 9.8epss 0.11
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.
- risk 0.65cvss 8.8epss 0.64
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory…
- risk 0.64cvss 9.9epss 0.00
Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0.
- risk 0.64cvss 9.8epss 0.00
An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request.