CWE-94: Code Injection

This vulnerability in Paradox Security Systems IPR512 allows attackers to cause denial of service by exploiting injection vulnerabilities in login.htm...

CVE-2023-24576 is an unauthenticated remote code execution vulnerability in EMC NetWorker's nsrexecd service. This allows attackers to execute arbitra...

CVE-2022-24429 is an arbitrary code injection vulnerability in convert-svg-core that allows attackers to read arbitrary files from the file system whe...

This CVE describes a code injection vulnerability in Huawei smartphones running HarmonyOS. Successful exploitation could allow an attacker to execute ...

CVE-2021-32831 is a code injection vulnerability in the Total.js framework for Node.js. When the utils.set function is called with user-controlled val...

This CVE describes an Improper Control of Generation of Code vulnerability in Huawei smartphones that allows attackers to execute arbitrary code on ro...

This CVE allows arbitrary code execution during build time when using Go's cgo feature with malicious gcc flags specified in #cgo directives. Attacker...

This vulnerability allows remote attackers to execute arbitrary code on ECOVACS Deebot T20 OMNI and T20e OMNI robot vacuums via WiFi. Attackers could ...

This vulnerability allows remote code execution when Apache Avro Java SDK processes untrusted Avro schemas. Attackers can inject malicious code that g...

This vulnerability in the BuddyPress WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes. This affects all WordPress sit...

Lite XL versions 2.1.8 and earlier automatically execute Lua code from .lite_project.lua files when opening project directories without user confirmat...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the REHub theme. Attackers can inject malicious short...

The Woodmart WordPress theme allows unauthenticated attackers to execute arbitrary shortcodes due to insufficient input validation in the woodmart_get...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the Wolmart theme. Attackers can inject malicious sho...

The LayoutBoxx WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This vulnerability ...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the Motors WordPress theme. Attackers can potentially...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the Create custom forms for WordPress with a sma...

This CVE describes a code injection vulnerability in the Real Estate Manager WordPress plugin that allows attackers to execute arbitrary code on affec...

The ORDER POST WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This vulnerability ...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the Simply Schedule Appointments Booking Plugin....

The WPCS WordPress Currency Switcher Professional plugin up to version 1.2.0.4 allows unauthenticated attackers to execute arbitrary WordPress shortco...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the Custom Post Type Date Archives plugin. Attac...

The Show Me The Cookies WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This affec...

A buffer overflow vulnerability in Bento4 v1.6.0-641 allows local attackers to execute arbitrary code by crafting a malicious MP4 file and processing ...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the PressMart theme. Attackers can potentially inject...

This vulnerability allows unauthenticated attackers to execute arbitrary shortcodes in the Avada WordPress theme, potentially leading to remote code e...

The Avada Builder WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This vulnerabili...

The CURCY WooCommerce plugin allows unauthenticated attackers to execute arbitrary WordPress shortcodes via the get_products_price() function. This vu...

The WooCommerce Product Table Lite plugin for WordPress allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validat...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the PirateForms contact form plugin. Attackers c...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the GamiPress plugin's AJAX function. Attackers ...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the GamiPress plugin. Attackers can potentially ...

The WordPress Popular Posts plugin up to version 7.1.0 allows unauthenticated attackers to execute arbitrary WordPress shortcodes due to insufficient ...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the kk Star Ratings plugin. Attackers can potent...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes via the woot_get_smth AJAX action in the Active Products...

A buffer overflow vulnerability in ROS2 navigation2 allows local attackers to execute arbitrary code by providing a malicious .yaml file to the nav2_a...

The Authors List WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes via a vulnerable AJAX endpoint. This vulnerability ...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the 'fire_contact_form' AJAX action in the Reque...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes via the gamipress_get_user_earnings AJAX action. All Wor...

The Uix Slideshow WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This vulnerabili...

This vulnerability allows arbitrary code execution in applications using vulnerable versions of the dom-iterator package. Attackers can inject malicio...

The WP Photo Album Plus WordPress plugin contains an arbitrary shortcode execution vulnerability that allows unauthenticated attackers to execute arbi...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the FOX Currency Switcher Professional plugin. A...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the Paid Membership Subscriptions plugin. Attackers c...

The Tickera WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This vulnerability aff...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the Enable Shortcodes plugin. Attackers can pote...

This vulnerability allows attackers to inject and execute arbitrary code on WordPress sites using the Meta Data and Taxonomies Filter (MDTF) plugin. I...

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes through the Uix Shortcodes plugin. All WordPress sites u...

The Special Text Boxes WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes through comments. This vulnerability affects ...

The MDTF WordPress plugin allows unauthenticated attackers to execute arbitrary shortcodes due to improper input validation. This affects all WordPres...