Fallos del tipo CWE-94
3759 resultadosCVE-2023-46509—An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.EPSS 0.8%CVE-2024-39165CRITICALQR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload EPSS 0.8%CVE-2025-44071CRITICALSeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component phomebak.php. This vulnerability allowsEPSS 0.8%CVE-2026-25510CRITICALCI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File EditorEPSS 0.8%CVE-2026-30741CRITICALA remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-SiEPSS 0.8%CVE-2025-21292HIGHWindows Search Service Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2024-3319CRITICALSecurity implication in SailPoint Identity Security Cloud IdentityProfile API EndpointsEPSS 0.8%CVE-2023-43222—SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.EPSS 0.8%CVE-2024-48818CRITICALAn issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to execute arbitrary code.EPSS 0.8%CVE-2024-0738MEDIUM个人开源 mldong DecisionModel.java ExpressionEngine code injectionEPSS 0.8%CVE-2025-50881HIGHThe `flow/admin/moniteur.php` script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handliEPSS 0.8%CVE-2024-32404MEDIUMServer-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code viaEPSS 0.8%CVE-2024-54996HIGHMonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parametEPSS 0.8%CVE-2025-64050HIGHA Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administraEPSS 0.8%CVE-2024-21682HIGHThis High severity Injection vulnerability was introduced in Assets Discovery 1.0 - 6.2.0 (all versions).
Assets Discovery, which can be dEPSS 0.8%CVE-2025-43845HIGHGHSL-2025-015_Retrieval-based-Voice-Conversion-WebUIEPSS 0.8%CVE-2026-25817HIGHHMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 haEPSS 0.8%CVE-2023-50029CRITICALPHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers EPSS 0.8%CVE-2024-6596CRITICALEndress+Hauser: Multiple products are vulnerable to code injectionEPSS 0.8%CVE-2025-2303HIGHBlock Logic <= 1.0.8 - Authenticated (Contributor+) Remote Code ExecutionEPSS 0.8%