Fallos del tipo CWE-96
23 resultadosCVE-2022-43938HIGHHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') EPSS 26.6%CVE-2024-37900MEDIUMXWiki Platform vulnerable to Cross-site Scripting through attachment filename in uploaderEPSS 14.8%CVE-2020-6144CRITICALA remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 1EPSS 6.3%CVE-2020-6143CRITICALA remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 1EPSS 6.2%CVE-2021-39115HIGHAffected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to exEPSS 4.4%CVE-2022-0895HIGHStatic Code Injection in microweber/microweberEPSS 1.7%CVE-2024-55877CRITICALXWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosListEPSS 1.6%CVE-2023-39726—An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.EPSS 1.0%CVE-2015-2079CRITICALUsermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not thrEPSS 1.0%CVE-2024-55662CRITICALXWiki allows remote code execution through the extension sheetEPSS 0.7%CVE-2025-30091CRITICALIn Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated aEPSS 0.7%CVE-2025-57707LOWFile Station 5EPSS 0.7%CVE-2024-32487HIGHless through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. ExpEPSS 0.6%CVE-2025-36595HIGHDell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in Statically Saved Code ('Static EPSS 0.5%CVE-2024-13265HIGHOpigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029EPSS 0.5%CVE-2024-13267HIGHOpigno TinCan Question Type - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-031EPSS 0.5%CVE-2024-43400CRITICALXWiki Platform allows XSS through XClass name in string propertiesEPSS 0.5%CVE-2022-3960MEDIUMHitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') EPSS 0.5%CVE-2024-13268MEDIUMOpigno - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-032EPSS 0.5%CVE-2024-13264CRITICALOpigno module - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-028EPSS 0.4%