CWE-96 · Improper Neutralization of Directives in Statically Saved Code (Static Code Injection)
21 CVEs classified under CWE-96 (Improper Neutralization of Directives in Statically Saved Code (Static Code Injection)). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-55877 | Critical | 10.0 | 2024-12-12 | XWiki Platform is a generic wiki platform. Starting in version 9.7-rc-1 and prior to versions 15.10.11, 16.4.1, and 16.5.0, any user with an account can perfor… |
CVE-2024-55662 | Critical | 10.0 | 2024-12-12 | XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Reposito… |
CVE-2020-6144 | Critical | 10.0 | 2020-09-01 | A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5… |
CVE-2020-6143 | Critical | 10.0 | 2020-09-01 | A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5… |
CVE-2015-2079 | Critical | 9.9 | 2025-04-28 | Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argument (not three argument) form o… |
CVE-2024-43400 | Critical | 9.1 | 2024-08-19 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programmin… |
CVE-2022-43938 | High | 8.8 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable script… |
CVE-2022-0895 | High | 7.7 | 2022-03-10 | Static Code Injection in GitHub repository microweber/microweber prior to 1.3. |
CVE-2025-36595 | High | 7.2 | 2025-06-27 | Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vu… |
CVE-2024-0788 | Medium | 6.6 | 2024-01-29 | SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140… |
CVE-2024-37900 | Medium | 6.4 | 2024-07-31 | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When uploading an attachment with a malicious filename… |
CVE-2025-7825 | Medium | 6.3 | 2025-10-03 | The Schema Plugin For Divi, Gutenberg & Shortcodes plugin for WordPress is vulnerable to Object Instantiation in all versions up to, and including, 4.3.2 via d… |
CVE-2022-3960 | Medium | 6.3 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable script… |
CVE-2025-57707 | | 2026-02-11 | An improper neutralization of directives in statically saved code ('Static Code Injection') vulnerability has been reported to affect File Station 5. If a remo… | |
CVE-2025-30091 | | 2025-03-25 | In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject… | |
CVE-2024-13268 | | 2025-01-09 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno allows PHP Local File Inclusion.This is… | |
CVE-2024-13267 | | 2025-01-09 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno TinCan Question Type allows PHP Local F… | |
CVE-2024-13265 | | 2025-01-09 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno Learning path allows PHP Local File Inc… | |
CVE-2024-13264 | | 2025-01-09 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno module allows PHP Local File Inclusion… | |
CVE-2024-13263 | | 2025-01-09 | Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability in Drupal Opigno group manager allows PHP Local File Inc… |