Fallos del tipo CWE-94

3781 resultados
CVE-2025-15223MEDIUMPhilipinho Simple-PHP-Blog login.php cross site scriptingEPSS 0.3%CVE-2026-13558MEDIUMCodeAstro Complaint Management System Report addreport cross site scriptingEPSS 0.3%CVE-2025-2699MEDIUMGetmeUK ContentTools Image cross site scriptingEPSS 0.3%CVE-2024-28811LOWAn issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications containeEPSS 0.3%CVE-2025-2084MEDIUMPHPGurukul Human Metapneumovirus Testing Management System Search Report Page search-report.php cross site scriptingEPSS 0.3%CVE-2025-9796MEDIUMthinkgem JeeSite EncodeUtils.java decodeUrl2 cross site scriptingEPSS 0.3%CVE-2025-6569MEDIUMcode-projects School Fees Payment System student.php cross site scriptingEPSS 0.3%CVE-2026-55570CRITICALSiYuan: Stored XSS results to Electron RCE in SiYuan marketplace via unescaped `data-obj` attribute (Bypass for CVE-2026-45375's patch)EPSS 0.3%CVE-2025-6473MEDIUMcode-projects School Fees Payment System fees.php cross site scriptingEPSS 0.3%CVE-2025-1817MEDIUMMini-Tmall Admin Name admin cross site scriptingEPSS 0.3%CVE-2025-5886MEDIUMEmlog article.php cross site scriptingEPSS 0.3%CVE-2026-31236CRITICALThe llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is inEPSS 0.3%CVE-2026-49493HIGHMarkdown Preview Enhanced Arbitrary Code Execution via Bitfield interpretJS()EPSS 0.3%CVE-2024-4261MEDIUMResponsive Contact Form Builder & Lead Generation Plugin <= 1.9.1 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.3%CVE-2026-25125MEDIUMOctober CMS: Environment Variable Exfiltration via INI Parser InterpolationEPSS 0.3%CVE-2025-9143MEDIUMScada-LTS mailing_lists.shtm cross site scriptingEPSS 0.3%CVE-2025-9144MEDIUMScada-LTS publisher_edit.shtm cross site scriptingEPSS 0.3%CVE-2025-2086MEDIUMStarSea99 starsea-mall update cross site scriptingEPSS 0.3%CVE-2025-24159HIGHA validation issue was addressed with improved logic. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, maEPSS 0.3%CVE-2019-3652MEDIUMENS code injection in EPSetup.exeEPSS 0.3%