Falhas do tipo CWE-94
3.775 resultadosCVE-2024-10909MEDIUMPojo Forms <= 1.4.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via form_preview_shortcodeEPSS 0.4%CVE-2026-45558CRITICALRoxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section saveEPSS 0.4%CVE-2020-36767HIGHtinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data.EPSS 0.4%CVE-2024-12664MEDIUMruifang-tech Rebuild Project Task Comment cross site scriptingEPSS 0.4%CVE-2025-65026MEDIUMesm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScriptEPSS 0.4%CVE-2026-0491CRITICALCode Injection vulnerability in SAP Landscape TransformationEPSS 0.4%CVE-2025-4056HIGHGlib: glib crash after long command lineEPSS 0.4%CVE-2024-37382MEDIUMAn issue discovered in import host feature in Ab Initio Metadata Hub and Authorization Gateway before 4.3.1.1 allows attackers to run arbitrEPSS 0.4%CVE-2023-50808CRITICALZimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI.EPSS 0.4%CVE-2025-49372CRITICALWordPress HAPPY plugin <= 1.0.7 - Remote Code Execution (RCE) vulnerabilityEPSS 0.4%CVE-2024-6982HIGHRemote Code Execution in Calculate Function in parisneo/lollmsEPSS 0.4%CVE-2024-3931MEDIUMTotara LMS User Selector check.php cross site scriptingEPSS 0.4%CVE-2024-13890HIGHAllow PHP Execute <= 1.0 - Authenticated (Editor+) PHP Code InjectionEPSS 0.4%CVE-2025-2801HIGHCreate custom forms for WordPress with a smart form plugin for smart businesses <= 1.2.4 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2026-8430CRITICALSPIP < 4.4.14 Remote Code Execution via nginxEPSS 0.4%CVE-2020-15167HIGHArbitrary code execution via configuration file in MillerEPSS 0.4%CVE-2025-2714MEDIUMJoomlaUX JUX Real Estate addagent cross site scriptingEPSS 0.4%CVE-2026-41249HIGHCoreShop Vulnerable to Remote Code Execution (RCE) via Insecure `pull_request_target` ConfigurationEPSS 0.4%CVE-2024-36531MEDIUMnukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code execution via the /admin/extensions/upload.EPSS 0.4%CVE-2024-8374HIGHArbitrary Code Injection in CuraEPSS 0.4%