Fallos del tipo CWE-94

3781 resultados
CVE-2026-14749MEDIUMmjperpinosa stumasy calculate.php eval code injectionEPSS 0.3%CVE-2025-1553MEDIUMpankajindevops scale project cross site scriptingEPSS 0.3%CVE-2025-10566MEDIUMCampcodes Grocery Sales and Inventory System index.php cross site scriptingEPSS 0.3%CVE-2025-9438MEDIUM1000projects Online Project Report Submission and Evaluation System add_student.php cross site scriptingEPSS 0.3%CVE-2025-11360MEDIUMjakowenko double-take API app.js app.use cross site scriptingEPSS 0.3%CVE-2026-44346HIGHBentoML: Dockerfile command injection via envs[*].name in bentofile.yamlEPSS 0.3%CVE-2025-11125MEDIUMlangleyfcu Online Banking System Error Message connection_error.php cross site scriptingEPSS 0.3%CVE-2026-54133CRITICALjmespath.php has CompilerRuntime code injection via unescaped function namesEPSS 0.3%CVE-2025-13343MEDIUMSourceCodester Interview Management System editQuestion.php cross site scriptingEPSS 0.3%CVE-2026-7401MEDIUMSourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scriptingEPSS 0.3%CVE-2025-9656MEDIUMPHPGurukul Directory Management System add-directory.php cross site scriptingEPSS 0.3%CVE-2024-37885LOWCode injection in Nextcloud Desktop Client for macOSEPSS 0.3%CVE-2025-6092MEDIUMcomfyanonymous comfyui Incomplete Fix CVE-2024-10099 image cross site scriptingEPSS 0.3%CVE-2025-55192HIGHHomeAssistant-Tapo-Control Code Injection Vulnerability in issues.yml WorkflowEPSS 0.3%CVE-2025-9416MEDIUMoitcode samarium Pages Image webpage cross site scriptingEPSS 0.3%CVE-2025-0483MEDIUMFanli2012 native-php-cms jump.php cross site scriptingEPSS 0.3%CVE-2026-9938HIGHInappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sanEPSS 0.3%CVE-2026-39052MEDIUMOinone Pamirs 7.0.0 contains a code execution vulnerability via ScriptRunner. The method ScriptRunner.run(String expression, String type, MaEPSS 0.3%CVE-2025-68015CRITICALWordPress Event Tickets with Ticket Scanner plugin <= 2.8.5 - Remote Code Execution (RCE) vulnerabilityEPSS 0.3%CVE-2025-41365MEDIUMCode injection vulnerability in IDF and ZLFEPSS 0.3%