Weaknesses of type CWE-94

3,785 results
CVE-2026-14704MEDIUMstephen-kruger bluebox cross site scriptingEPSS 0.3%CVE-2024-43128MEDIUMWordPress WooCommerce Product Table Lite plugin <= 3.5.1 - Arbitrary Code Execution vulnerabilityEPSS 0.3%CVE-2025-2131MEDIUMdayrui XunRuiCMS Friendly Links cross site scriptingEPSS 0.3%CVE-2024-40673MEDIUMIn Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to impEPSS 0.3%CVE-2025-11067MEDIUMProjectworlds Visitor Management System Add Visitor myform.php cross site scriptingEPSS 0.3%CVE-2025-0971MEDIUMZenvia Movidesk Profile Editing EditProfile cross site scriptingEPSS 0.3%CVE-2026-41414HIGHSkim: Arbitrary code execution via pull_request_target fork checkout in pr.ymlEPSS 0.3%CVE-2025-8920MEDIUMPortabilis i-Diario Dicionário de Termos BNCC dicionario-de-termos-bncc cross site scriptingEPSS 0.3%CVE-2025-7144MEDIUMSourceCodester Best Salon Management System Admin Profile Page admin-profile.php cross site scriptingEPSS 0.3%CVE-2023-7303MEDIUMq2apro q2apro-on-site-notifications q2apro-onsitenotifications-page.php process_request cross site scriptingEPSS 0.3%CVE-2025-4011MEDIUMRedmine Custom Query cross site scriptingEPSS 0.3%CVE-2025-5722MEDIUMSourceCodester Student Result Management System Add Academic Term terms cross site scriptingEPSS 0.3%CVE-2025-6477MEDIUMSourceCodester Student Result Management System System Settings Page system cross site scriptingEPSS 0.3%CVE-2025-49250MEDIUMWordPress Team Showcase plugin < 25.05.13 - Arbitrary Shortcode Execution vulnerabilityEPSS 0.3%CVE-2025-5723MEDIUMSourceCodester Student Result Management System Classes Page classes cross site scriptingEPSS 0.3%CVE-2025-10234MEDIUMScada-LTS Data Point Edit data_point_edit.shtm cross site scriptingEPSS 0.3%CVE-2026-10153MEDIUMwestboy CicadasCMS AbstractCacheManager.java search cross site scriptingEPSS 0.3%CVE-2025-5724MEDIUMSourceCodester Student Result Management System Subjects Page subjects cross site scriptingEPSS 0.3%CVE-2026-49774CRITICALWordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerabilityEPSS 0.3%CVE-2025-5725MEDIUMSourceCodester Student Result Management System Grading System Page grading-system cross site scriptingEPSS 0.3%