Falhas do tipo CWE-94

3.780 resultados
CVE-2025-1592MEDIUMSourceCodester Best Employee Management System Add Role Page Role.php cross site scriptingEPSS 0.3%CVE-2024-13013MEDIUMPHPGurukul Maid Hiring Management System Contact Us Page contactus.php cross site scriptingEPSS 0.3%CVE-2026-41645MEDIUMNuclei: Environment variable disclosure via Response-Derived DSL ExpressionsEPSS 0.3%CVE-2025-67031MEDIUMORSEE (Online Recruitment System for Economic Experiments) 3.1.0 contains an authenticated Remote Code Execution vulnerability in the particEPSS 0.3%CVE-2025-1159MEDIUMCampCodes School Management Software academic-calendar cross site scriptingEPSS 0.3%CVE-2024-46964HIGHThe com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android allows an attacker to execute arbitrary JavaScEPSS 0.3%CVE-2024-46966HIGHThe Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for Android allows an attacker to execute arbitEPSS 0.3%CVE-2025-8115MEDIUMPHPGurukul Taxi Stand Management System new-autoortaxi-entry-form.php cross site scriptingEPSS 0.3%CVE-2024-46963HIGHThe com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One) application through 5.1.9 for Android allows an attacEPSS 0.3%CVE-2026-7466HIGHAgentFlow Arbitrary Python Pipeline Execution via pipeline_pathEPSS 0.3%CVE-2026-34585HIGHSiYuan: Stored XSS in imported .sy.zip content leads to arbitrary command executionEPSS 0.3%CVE-2026-4898MEDIUMcode-projects Online Food Ordering System contact.php cross site scriptingEPSS 0.3%CVE-2026-45833CRITICALA code injection vulnerability in version 0.4.17 or later of the ChromaDB Python project allows an authenticated attacker to run arbitrary cEPSS 0.3%CVE-2025-8211MEDIUMRoothub SystemConfigAdminController.java edit cross site scriptingEPSS 0.3%CVE-2025-7840MEDIUMCampcodes Online Movie Theater Seat Reservation System Reserve Your Seat Page index.php cross site scriptingEPSS 0.3%CVE-2010-20120HIGHMaple <= v13 Maplet File Creation and Command ExecutionEPSS 0.3%CVE-2026-58025MEDIUMRemote Code Execution via Unsafe Deserialization in LogItem ImportEPSS 0.3%CVE-2024-13793HIGHWolmart | Multi-Vendor Marketplace WooCommerce Theme <= 1.8.11 - Unauthenticated Arbitrary Shortcode Execution in wolmart_loadmoreEPSS 0.3%CVE-2023-37273HIGHDocker escape in Auto-GPT when running from docker-compose.yml included in git repoEPSS 0.3%CVE-2026-11393HIGHCode injection via improper triple-quote escaping in AgentCore CLI Bedrock Agent importEPSS 0.3%