CWE-94— Improper Control of Generation of Code (Code Injection)
6,192 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-94page 2 of 124
- CVE-2005-1894NONECVSS 0.0EG 0.02005-06-09
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can th…
- CVE-2005-1921NONECVSS 0.0EG 9.02005-07-05
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupwar…
- CVE-2005-1965NONECVSS 0.0EG 0.02005-06-16
PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCAL_PATH parameter.
- CVE-2005-1996NONECVSS 0.0EG 0.02005-06-15
PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter.
- CVE-2005-2498NONECVSS 0.0EG 0.02005-08-15
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code…
- CVE-2005-2703NONECVSS 0.0EG 0.02005-09-23
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP reque…
- CVE-2005-2837NONECVSS 0.0EG 0.02005-09-07
Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm.
- CVE-2005-3302HIGHCVSS 7.3EG 7.32005-10-24
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
- CVE-2005-3554NONECVSS 0.0EG 0.02005-11-16
Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary code on the server via unknown attack vectors involving uninitialize…
- CVE-2005-3571NONECVSS 0.0EG 0.02005-11-16
PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl…
- CVE-2005-3650NONECVSS 0.0EG 0.02005-11-17
The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has "safe for scripting" enabled, which allows remote attackers to execute arbitrary code by calling vulnerable functions such as RebootMachine, …
- CVE-2005-3775NONECVSS 0.0EG 0.02005-11-23
PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter.
- CVE-2005-3835NONECVSS 0.0EG 0.02005-11-26
PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the main parameter.
- CVE-2005-3859NONECVSS 0.0EG 0.02005-11-29
PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter.
- CVE-2005-3860NONECVSS 0.0EG 0.02005-11-29
PHP remote file inclusion vulnerability in athena.php in Oliver May Athena PHP Website Administration 0.1a allows remote attackers to execute arbitrary PHP code via a URL in the athena_dir parameter.
- CVE-2005-3861NONECVSS 0.0EG 0.02005-11-29
PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter.
- CVE-2005-4209NONECVSS 0.0EG 0.02005-12-13
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the In…
- CVE-2005-4573NONECVSS 0.0EG 0.02005-12-29
PHP remote file include vulnerability in plog-admin-functions.php in Plogger Beta 2 allows remote attackers to execute arbitrary code via a URL in the config[basedir] parameter.
- CVE-2005-4874NONECVSS 0.0EG 0.02005-12-31
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or (2) arbitrary local passwords on the web…
- CVE-2006-0064NONECVSS 0.0EG 0.02006-01-03
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the glob[rootDir] parameter.
- CVE-2006-0094NONECVSS 0.0EG 0.02006-01-05
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc_stat parameter, a different vulnerability than CVE-2006-0076. NOTE: the provenance of this informa…
- CVE-2006-0144NONECVSS 0.0EG 0.02006-01-09
The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php wi…
- CVE-2006-0207NONECVSS 0.0EG 0.02006-01-13
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function.
- CVE-2006-0236NONECVSS 0.0EG 0.02006-01-18
GUI display truncation vulnerability in Mozilla Thunderbird 1.0.2, 1.0.6, and 1.0.7 allows user-assisted attackers to execute arbitrary code via an attachment with a filename containing a large number of spaces ending with a dangerous exte…
- CVE-2006-0308NONECVSS 0.0EG 0.02006-01-19
PHP remote file inclusion vulnerability in htmltonuke.php in the htmltonuke 2.0 alpha, and possibly other versions, module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the filnavn parameter.
- CVE-2006-0332NONECVSS 0.0EG 0.02006-01-21
Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible directory, which may allow remote attackers to upload arbitrary files.
- CVE-2006-0388NONECVSS 0.0EG 0.02006-03-03
Safari in Mac OS X 10.3 before 10.3.9 and 10.4 before 10.4.5 allows remote attackers to redirect users to local files and execute arbitrary JavaScript via unspecified vectors involving HTTP redirection to local resources.
- CVE-2006-0397NONECVSS 0.0EG 0.02006-03-14
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific i…
- CVE-2006-0398NONECVSS 0.0EG 0.02006-03-14
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific i…
- CVE-2006-0399NONECVSS 0.0EG 0.02006-03-14
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific i…
- CVE-2006-0565NONECVSS 0.0EG 0.02006-02-06
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.
- CVE-2006-0659NONECVSS 0.0EG 0.02006-02-13
Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals and allow_url_fopen enabled, allow remote attackers to execute arbitrary code via the bbPath[path] parameter in (1) class.forumposts.php and …
- CVE-2006-0723NONECVSS 0.0EG 0.02006-02-16
PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the php_script_path parameter.
- CVE-2006-0725NONECVSS 0.0EG 0.02006-02-16
PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different…
- CVE-2006-0854NONECVSS 0.0EG 0.02006-02-23
PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the include_path variable, which is not initialized before being used.
- CVE-2006-0887NONECVSS 0.0EG 0.02006-02-25
Eval injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a, when index.php3 from the PHPLib distribution is available on the server, allows remote attackers to execute arbitrary PHP code by including a base64-enc…
- CVE-2006-0945NONECVSS 0.0EG 0.02006-03-01
PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter.
- CVE-2006-1031NONECVSS 0.0EG 0.02006-03-07
config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter.
- CVE-2006-1039NONECVSS 0.0EG 0.02006-03-07
SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP hea…
- CVE-2006-1154NONECVSS 0.0EG 0.02006-03-10
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.
- CVE-2006-1251NONECVSS 0.0EG 0.02006-03-19
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.c…
- CVE-2006-1301NONECVSS 0.0EG 0.02006-07-13
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
- CVE-2006-1303NONECVSS 0.0EG 0.02006-06-13
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXI…
- CVE-2006-1304NONECVSS 0.0EG 0.02006-07-13
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."
- CVE-2006-1306NONECVSS 0.0EG 0.02006-07-13
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record…
- CVE-2006-1308NONECVSS 0.0EG 0.02006-07-13
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.
- CVE-2006-1309NONECVSS 0.0EG 0.02006-07-13
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
- CVE-2006-1316NONECVSS 0.0EG 0.02006-07-11
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corr…
- CVE-2006-1318NONECVSS 0.0EG 0.02014-09-19
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office…
- CVE-2006-1359NONECVSS 0.0EG 9.02006-03-23
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table…
Map vulnerabilities like CWE-94 to your infrastructure
EchelonGraph correlates every CVE — across CWE-94 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →