Falhas do tipo CWE-94

3.784 resultados
CVE-2026-4495MEDIUMatjiu pybbs CommentApiController.java create cross site scriptingEPSS 0.3%CVE-2026-4578MEDIUMcode-projects Exam Form Submission update_s3.php cross site scriptingEPSS 0.3%CVE-2025-55305MEDIUMElectron is vulnerable to Code Injection via resource modificationEPSS 0.3%CVE-2025-7140MEDIUMSourceCodester Best Salon Management System Update Staff Page edit-staff.php cross site scriptingEPSS 0.3%CVE-2026-8857NONEFull RCE using EasyTimeline ExtensionEPSS 0.3%CVE-2024-54997MEDIUMMonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/EPSS 0.3%CVE-2024-13902MEDIUMhuang-yk student-manage Edit a Student Information Page cross site scriptingEPSS 0.3%CVE-2025-5727MEDIUMSourceCodester Student Result Management System Announcement Page announcement cross site scriptingEPSS 0.3%CVE-2025-5726MEDIUMSourceCodester Student Result Management System Division System Page division-system cross site scriptingEPSS 0.3%CVE-2025-7142MEDIUMSourceCodester Best Salon Management System search-appointment.php cross site scriptingEPSS 0.3%CVE-2025-7141MEDIUMSourceCodester Best Salon Management System Update Staff Page edit_plan.php cross site scriptingEPSS 0.3%CVE-2025-5584MEDIUMPHPGurukul Hospital Management System POST Parameter edit-patient.php cross site scriptingEPSS 0.3%CVE-2025-7139MEDIUMSourceCodester Best Salon Management System Update Customer Details Page edit-customer-detailed.php cross site scriptingEPSS 0.3%CVE-2025-7143MEDIUMSourceCodester Best Salon Management System Update Tax Page edit-tax.php cross site scriptingEPSS 0.3%CVE-2026-32669HIGHCode injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed EPSS 0.3%CVE-2026-6106MEDIUM1Panel-dev MaxKB Public Chat static_headers_middleware.py StaticHeadersMiddleware cross site scriptingEPSS 0.3%CVE-2025-15632MEDIUM1Panel-dev MaxKB MdPreview chat.ts cross site scriptingEPSS 0.3%CVE-2025-9489MEDIUMWP-Members Membership Plugin <= 3.5.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Profile NamesEPSS 0.3%CVE-2025-4218MEDIUMhandrew browserpilot gpt_selenium_agent.py GPTSeleniumAgent code injectionEPSS 0.3%CVE-2026-12176MEDIUMSourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scriptingEPSS 0.3%