Fallos del tipo CWE-94
3719 resultadosCVE-2006-5021CRITICALMultiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (EPSS 3.1%CVE-2024-12252CRITICALSEO LAT Auto Post <= 2.2.1 - Missing Authorization to File Overwrite/Upload (Remote Code Execution)EPSS 3.1%CVE-2017-8912HIGHCMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/edituEPSS 3.1%CVE-2023-33466—Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specEPSS 3.1%CVE-2019-1057HIGHMS XML Remote Code Execution VulnerabilityEPSS 3.1%CVE-2020-12013—A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: MitsEPSS 3.0%CVE-2026-24897CRITICALAuthenticated Remote Code Execution via Arbitrary File UploadEPSS 3.0%CVE-2023-32528—Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary codeEPSS 3.0%CVE-2020-25197CRITICALGE Reason RT43X Clocks Code InjectionEPSS 3.0%CVE-2021-21433CRITICALRemote code execution on discord-recon .dirsearch and .arjun commands due to improper input validationEPSS 3.0%CVE-2008-1511CRITICALMultiple PHP remote file inclusion vulnerabilities in ooComments 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the PEPSS 2.9%CVE-2023-32527—Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary codeEPSS 2.9%CVE-2026-26030CRITICALMicrosoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable to remote code executionEPSS 2.9%CVE-2022-24881HIGHCommand Injection in Ballcat CodegenEPSS 2.9%CVE-2021-32829CRITICALPost-authentication Remote Code Execution (RCE) in ZStack REST APIEPSS 2.9%CVE-2020-8129—An unintended require vulnerability in script-manager npm package version 0.8.6 and earlier may allow attackers to execute arbitrary code.EPSS 2.9%CVE-2025-27407CRITICALRemote code execution when loading a crafted GraphQL schemaEPSS 2.9%CVE-2019-13558—In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may alloEPSS 2.9%CVE-2024-48839CRITICALRemote Code Execution, RCEEPSS 2.8%CVE-2024-54756CRITICALA remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1 allows attackers to execute arbitrary code EPSS 2.8%