Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-94 (对生成代码的控制不恰当(代码注入)) — Vulnerability Class 1295

1295 vulnerabilities classified as CWE-94 (对生成代码的控制不恰当(代码注入)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-43922 WordPress NitroPack plugin <= 1.16.7 - Unauthenticated Arbitrary Shortcode Execution vulnerability — NitroPack 4.8 Medium2024-08-29
CVE-2024-7656 Image Hotspot by DevVN <= 1.2.5 - Authenticated (Author+) PHP Object Injection — Image Hotspot by DevVN 8.8 High2024-08-24
CVE-2024-5466 Remote Code Execution — OpManager, Remote Monitoring and Management 8.8 High2024-08-23
CVE-2024-7559 File Manager Pro <= 8.3.7 - Authenticated (Subscriber+) Arbitrary File Upload — File Manager Pro 8.8 High2024-08-23
CVE-2024-43202 Apache DolphinScheduler: Remote Code Execution Vulnerability — Apache DolphinScheduler 9.8AICriticalAI2024-08-20
CVE-2024-7899 InnoCMS Backend edit code injection — InnoCMS 4.7 Medium2024-08-17
CVE-2024-37287 Kibana arbitrary code execution via prototype pollution — Kibana 9.1 Critical2024-08-13
CVE-2024-43128 WordPress WooCommerce Product Table Lite plugin <= 3.5.1 - Arbitrary Code Execution vulnerability — WooCommerce Product Table Lite 6.5 Medium2024-08-13
CVE-2024-7094 JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.6 - Unauthenticated PHP Code Injection to Remote Code Execution — JS Help Desk – AI-Powered Support & Ticketing System 9.8 Critical2024-08-13
CVE-2024-5651 Fence-agents-remediation: fence agent command line options leads to remote code execution 8.8 High2024-08-12
CVE-2024-22123 Zabbix Arbitrary File Read — Zabbix 2.7 Low2024-08-09
CVE-2024-22116 Remote code execution within ping script — Zabbix 9.9 Critical2024-08-09
CVE-2024-3958 Improper Control of Generation of Code ('Code Injection') in GitLab — GitLab 5.3 Medium2024-08-08
CVE-2024-6891 Journyx Authenticated Remote Code Execution — Journyx (jtime) 8.8AIHighAI2024-08-07
CVE-2024-34344 Remote code execution via the browser when running the test locally in nuxt — nuxt 8.8 High2024-08-05
CVE-2024-22169 Misconfiguration in node.js causing a code execution in WD Discovery — WD Discovery 7.3AIHighAI2024-08-02
CVE-2024-36268 Apache InLong TubeMQ Client: Remote Code Execution vulnerability — Apache InLong TubeMQ Client 9.8AICriticalAI2024-08-02
CVE-2024-7093 Server-Side Template Injection in Dispatch Message Templates — Dispatch 8.8AIHighAI2024-08-01
CVE-2024-41961 Elektra vulnerable to remote code execution in universal search — elektra 9.2 Critical2024-08-01
CVE-2024-6726 Remote Code Execution (RCE) in Delphix — Delphix Engine 8.8 High2024-07-29
CVE-2024-41667 OpenAM FreeMarker template injection — OpenAM 8.8 High2024-07-24
CVE-2024-21552 SuperAGI 安全漏洞 — SuperAGI 9.8 Critical2024-07-22
CVE-2024-6950 Prain HTTP POST Request ?import code injection — Prain 6.3 Medium2024-07-21
CVE-2024-6947 Flute CMS Notification ContentParser.php replaceContent code injection — CMS 4.7 Medium2024-07-21
CVE-2024-6946 Flute CMS list code injection — CMS 4.7 Medium2024-07-21
CVE-2024-6940 DedeCMS article_template_rand.php code injection — DedeCMS 4.7 Medium2024-07-21
CVE-2024-6936 formtools.org Form Tools Setting code injection — Form Tools 2.7 Low2024-07-21
CVE-2024-29178 Apache StreamPark: FreeMarker SSTI RCE Vulnerability — Apache StreamPark 8.8AIHighAI2024-07-18
CVE-2024-29014 SonicWALL SMA100 NetExtender Windows 代码注入漏洞 — NetExtender 8.8AIHighAI2024-07-18
CVE-2024-39877 Apache Airflow: DAG Author Code Execution possibility in airflow-scheduler — Apache Airflow 8.8AIHighAI2024-07-17

Vulnerabilities classified as CWE-94 (对生成代码的控制不恰当(代码注入)) represent 1295 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.