Falhas do tipo CWE-94

3.778 resultados
CVE-2026-36458CRITICALChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend EPSS 0.4%CVE-2025-15393MEDIUMKohana KodiCMS Layout API Endpoint file.php save code injectionEPSS 0.4%CVE-2024-11492MEDIUM115cms appurladd.html cross site scriptingEPSS 0.4%CVE-2025-2354MEDIUMVAM Virtual Airlines Manager index.php cross site scriptingEPSS 0.4%CVE-2026-22584CRITICALImproper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage ExecutEPSS 0.4%CVE-2024-13209MEDIUMRedaxo CMS Structure Management Page index.php cross site scriptingEPSS 0.4%CVE-2026-49113HIGHWordPress Cornerstone plugin < 7.8.8 - Arbitrary Code Execution vulnerabilityEPSS 0.4%CVE-2025-9680MEDIUMO2OA Personal Profile page cross site scriptingEPSS 0.4%CVE-2024-12420MEDIUMWPMobile.App — Android and iOS Mobile Application <= 11.52 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2024-12892MEDIUMcode-projects Online Exam Mastering System sign.php cross site scriptingEPSS 0.4%CVE-2024-13031MEDIUMAntabot White-Jotter Article Content Editor editor cross site scriptingEPSS 0.4%CVE-2021-41527LOW2FA bypass on the RISC PlatformEPSS 0.4%CVE-2024-13075MEDIUMPHPGurukul Land Record System add-propertytype.php cross site scriptingEPSS 0.4%CVE-2024-10001HIGHCode Injection Vulnerability in GitHub Enterprise Server Allows Arbitrary Code Execution via Message HandlingEPSS 0.4%CVE-2026-13749HIGHSnowflake CLI Arbitrary Code Execution via Snowpark Annotation Processor Template InjectionEPSS 0.4%CVE-2025-67979CRITICALWordPress WPForms Google Sheet Connector plugin <= 4.0.1 - Remote Code Execution (RCE) vulnerabilityEPSS 0.4%CVE-2025-3822MEDIUMSourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scriptingEPSS 0.4%CVE-2026-29075HIGHMesa: Checking out of untrusted code in `benchmarks.yml` workflow may lead to code execution in privileged runnerEPSS 0.4%CVE-2025-9107MEDIUMPortabilis i-Diario search_autocomplete cross site scriptingEPSS 0.4%CVE-2024-12333MEDIUMWoodMart <= 8.0.3 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%