Weaknesses of type CWE-94
3,787 resultsCVE-2026-4578MEDIUMcode-projects Exam Form Submission update_s3.php cross site scriptingEPSS 0.3%CVE-2024-13785MEDIUMContact Form, Survey, Quiz & Popup Form Builder – ARForms <= 1.7.2 - Unauthenticated Blind Arbitrary Shortcode ExecutionEPSS 0.3%CVE-2026-4495MEDIUMatjiu pybbs CommentApiController.java create cross site scriptingEPSS 0.3%CVE-2025-10703HIGHImproper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirectEPSS 0.3%CVE-2025-7141MEDIUMSourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scriptingEPSS 0.3%CVE-2025-7142MEDIUMSourceCodester Best Salon Management System search-appointment.php cross site scriptingEPSS 0.3%CVE-2025-10702HIGHImproper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirectEPSS 0.3%CVE-2025-5726MEDIUMSourceCodester Student Result Management System Division System Page division-system cross site scriptingEPSS 0.3%CVE-2025-7140MEDIUMSourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scriptingEPSS 0.3%CVE-2025-55305MEDIUMElectron is vulnerable to Code Injection via resource modificationEPSS 0.3%CVE-2025-5584MEDIUMPHPGurukul Hospital Management System POST Parameter edit-patient.php cross site scriptingEPSS 0.3%CVE-2025-5727MEDIUMSourceCodester Student Result Management System Announcement Page announcement cross site scriptingEPSS 0.3%CVE-2024-13902MEDIUMhuang-yk student-manage Edit a Student Information Page cross site scriptingEPSS 0.3%CVE-2025-7139MEDIUMSourceCodester Best Salon Management System Update Customer Details Page edit-customer-detailed.php cross site scriptingEPSS 0.3%CVE-2026-8857NONEFull RCE using EasyTimeline ExtensionEPSS 0.3%CVE-2024-54997MEDIUMMonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/EPSS 0.3%CVE-2025-7143MEDIUMSourceCodester Best Salon Management System Update Tax Page edit-tax.php cross site scriptingEPSS 0.3%CVE-2025-9489MEDIUMWP-Members Membership Plugin <= 3.5.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Profile NamesEPSS 0.3%CVE-2026-32669HIGHCode injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed EPSS 0.3%CVE-2025-15632MEDIUM1Panel-dev MaxKB MdPreview chat.ts cross site scriptingEPSS 0.3%