Falhas do tipo CWE-94
3.754 resultadosCVE-2021-38243CRITICALxunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackEPSS 1.3%CVE-2023-46958CRITICALAn issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file.EPSS 1.3%CVE-2022-44533HIGHA vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on EPSS 1.3%CVE-2024-23746CRITICALMiro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bEPSS 1.3%CVE-2024-55022HIGHWeintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI NamEPSS 1.3%CVE-2007-5565CRITICALPHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows remote attackers to execute arbitrary PHP cEPSS 1.3%CVE-2022-45908CRITICALIn PaddlePaddle before 2.4, paddle.audio.functional.get_window is vulnerable to code injection because it calls eval on a user-supplied winsEPSS 1.3%CVE-2024-21546CRITICALVersions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution (RCE) through using a valid mimetyEPSS 1.3%CVE-2024-11600HIGHBorderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.6.0 - Authenticated (Administrator+) Remote Code ExecutionEPSS 1.3%CVE-2023-46947HIGHSubrion 4.2.1 has a remote command execution vulnerability in the backend.EPSS 1.3%CVE-2025-34079HIGHNSClient++ Authenticated Remote Code Execution via ExternalScripts APIEPSS 1.3%CVE-2023-22889CRITICALSmartBear Zephyr Enterprise through 7.15.0 mishandles user-defined input during report generation. This could lead to remote code execution EPSS 1.3%CVE-2023-33472HIGHAn issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and before, allows remote attackers with low-level authentication to escalateEPSS 1.3%CVE-2024-41714HIGHA vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MEPSS 1.3%CVE-2023-39660—An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prEPSS 1.3%CVE-2024-21649HIGHRemote code execution EPSS 1.3%CVE-2022-36006HIGHAuthenticated remote code execution due to insecure deserialization (GHSL-2022-063)EPSS 1.3%CVE-2022-3869MEDIUM Code Injection in froxlor/froxlorEPSS 1.3%CVE-2024-40521HIGHSeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is due to the fact that although admin_template.php imposes certainEPSS 1.3%CVE-2024-41651CRITICALAn issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: thiEPSS 1.3%