CVE-2024-13264

CRITICAL Year: 2024
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-96
View all →

Vulnerability Description

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno module allows PHP Local File Inclusion.This issue affects Opigno module: from 0.0.0 before 3.1.2.

Related Vulnerabilities

CVE-2023-39726

CRITICAL
CVSS:9.8(Critical)

An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.

CWE-962023

CVE-2020-6143

CRITICAL
CVSS:10.0(Critical)

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code int...

CWE-962020

CVE-2020-6144

CRITICAL
CVSS:10.0(Critical)

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code int...

CWE-962020

CVE-2015-2079

HIGH
CVSS:8.8(High)

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not three argument) form of Perl open.

CWE-962015

CVE-2022-43938

HIGH
CVSS:8.8(High)

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports (*.prp...

CWE-962022

CVE-2024-55662

HIGH
CVSS:8.8(High)

XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Repository Application` is installed, any user ca...

CWE-962024