Weaknesses of type CWE-94
3,784 resultsCVE-2025-5153MEDIUMCMS Made Simple Design Manager Module cross site scriptingEPSS 0.3%CVE-2025-8539MEDIUMPortabilis i-Educar public_distrito_cad.php cross site scriptingEPSS 0.3%CVE-2025-8538MEDIUMPortabilis i-Educar novo cross site scriptingEPSS 0.3%CVE-2025-2133MEDIUMftcms edit cross site scriptingEPSS 0.3%CVE-2025-0228MEDIUMcode-projects Local Storage Todo App index.html cross site scriptingEPSS 0.3%CVE-2025-8540MEDIUMPortabilis i-Educar public_municipio_cad.php cross site scriptingEPSS 0.3%CVE-2025-8542MEDIUMPortabilis i-Educar empresas_cad.php cross site scriptingEPSS 0.3%CVE-2026-12811MEDIUMkortix-ai suna Auth Endpoint page.tsx router.push cross site scriptingEPSS 0.3%CVE-2025-7866MEDIUMPortabilis i-Educar Disabilities Module educar_deficiencia_lst.php cross site scriptingEPSS 0.3%CVE-2025-6452MEDIUMCodeAstro Patient Record Management System Generate New Report Page cross site scriptingEPSS 0.3%CVE-2026-14633MEDIUMkirilkirkov Ecommerce-CodeIgniter-Bootstrap Hidden REST API Endpoint set cross site scriptingEPSS 0.3%CVE-2024-11130MEDIUMZZCMS msg.php cross site scriptingEPSS 0.3%CVE-2025-70364HIGHAn issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server. NOTEPSS 0.3%CVE-2025-8521MEDIUMgivanz Vvveb Add Type post-types cross site scriptingEPSS 0.3%CVE-2026-39311MEDIUMTrilium Notes: Stored XSS Leads to Unauthorized Remote Code Execution (RCE) via Unsanitized SVG AttachmentsEPSS 0.3%CVE-2026-14634MEDIUMkirilkirkov Ecommerce-CodeIgniter-Bootstrap Subscribed Emails Admin MY_Controller.php checkForPostRequests cross site scriptingEPSS 0.3%CVE-2025-23307HIGHNVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A sEPSS 0.3%CVE-2025-10909MEDIUMMangati NovoSGA SVG File admin cross site scriptingEPSS 0.3%CVE-2025-6101MEDIUMletta-ai letta interface.py function_message eval injectionEPSS 0.3%CVE-2024-32925HIGHIn dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remoEPSS 0.3%