CVE-2024-13267

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-96
View all →

Vulnerability Description

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno TinCan Question Type allows PHP Local File Inclusion.This issue affects Opigno TinCan Question Type: from 7.X-1.0 before 7.X-1.3.

Related Vulnerabilities

CVE-2024-13265

HIGH
CVSS:7.5(High)

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno Learning path allows PHP Local File Inclusion.This issue affects Opigno Learning...

CWE-962024

CVE-2022-0895

HIGH
CVSS:7.7(High)

Static Code Injection in GitHub repository microweber/microweber prior to 1.3.

CWE-962022

CVE-2021-39115

HIGH
CVSS:7.2(High)

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands v...

CWE-962021

CVE-2024-13268

MEDIUM
CVSS:6.8(Medium)

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno allows PHP Local File Inclusion.This issue affects Opigno: from 7.X-1.0 before 7...

CWE-962024

CVE-2024-32487

HIGH
CVSS:8.6(High)

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled fi...

CWE-962024

CVE-2022-3960

MEDIUM
CVSS:6.3(Medium)

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of the Community Dashboar...

CWE-962022