Weaknesses of type CWE-94

3,798 results
CVE-2025-7958HIGHA Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code EPSS 0.2%CVE-2025-15201MEDIUMSohuTV CacheCloud WebResourceController.java redirectNoPower cross site scriptingEPSS 0.2%CVE-2026-1049MEDIUMLigeroSmart index.pl cross site scriptingEPSS 0.2%CVE-2026-3741MEDIUMYiFang CMS D_friendLink.php update cross site scriptingEPSS 0.2%CVE-2025-52718HIGHWordPress Alone theme <= 7.8.2 - Arbitrary Code Execution VulnerabilityEPSS 0.2%CVE-2026-3742MEDIUMYiFang CMS D_singlePage.php update cross site scriptingEPSS 0.2%CVE-2025-7711MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing DescriptionEPSS 0.2%CVE-2026-2214MEDIUMcode-projects for Plugin AdminAddAlbum.php cross site scriptingEPSS 0.2%CVE-2026-3743MEDIUMYiFang CMS D_singlePageGroup.php update cross site scriptingEPSS 0.2%CVE-2026-6743MEDIUMWebSystems WebTOTUM Calendar cross site scriptingEPSS 0.2%CVE-2026-7390MEDIUMSourceCodester Pharmacy Sales and Inventory System index.php customer cross site scriptingEPSS 0.2%CVE-2026-6600MEDIUMlangflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scriptingEPSS 0.2%CVE-2026-7677MEDIUMkerwincui FastBee System Notice SysNoticeController.java add cross site scriptingEPSS 0.2%CVE-2026-3984MEDIUMCampcodes Division Regional Athletic Meet Game Result Matrix System save_up_athlete.php cross site scriptingEPSS 0.2%CVE-2025-3753HIGHUnsafe use of eval() method in rosbag toolEPSS 0.2%CVE-2026-4835MEDIUMcode-projects Accounting System Web Application add_costumer.php cross site scriptingEPSS 0.2%CVE-2026-5249MEDIUMgougucms Record Endpoint record.html cross site scriptingEPSS 0.2%CVE-2026-6648MEDIUMQibo CMS Internal Message cross site scriptingEPSS 0.2%CVE-2026-3983MEDIUMCampcodes Division Regional Athletic Meet Game Result Matrix System save-games.php cross site scriptingEPSS 0.2%CVE-2024-51330MEDIUMAn issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPEPSS 0.2%