Weaknesses of type CWE-94
3,777 resultsCVE-2024-46961HIGHThe Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application through 1.3.5 for Android allows an attacker to exEPSS 0.4%CVE-2024-12982MEDIUMPHPGurukul Blood Bank & Donor Management System update-contactinfo.php cross site scriptingEPSS 0.4%CVE-2025-3984LOWApereo CAS Groovy Code RegisteredServiceSimpleFormController.java saveService code injectionEPSS 0.4%CVE-2024-13017MEDIUMPHPGurukul Maid Hiring Management System About Us Page aboutus.php cross site scriptingEPSS 0.4%CVE-2026-40967HIGHIn Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector storEPSS 0.4%CVE-2024-54999MEDIUMMonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module.EPSS 0.4%CVE-2024-13192MEDIUMZeroWdd myblog BlogController.java update cross site scriptingEPSS 0.4%CVE-2025-68278HIGHtinacms vulnerable to arbitrary code executionEPSS 0.4%CVE-2024-13197MEDIUMdonglight bookstore电商书城系统说明 AdminUserControlle.java updateUser cross site scriptingEPSS 0.4%CVE-2026-41507CRITICALRemote Code Execution (RCE) via String Literal Injection into math-codegenEPSS 0.4%CVE-2024-8258LOWInsecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOSEPSS 0.4%CVE-2024-12232MEDIUMcode-projects Simple CRUD Functionality index.php cross site scriptingEPSS 0.4%CVE-2026-21656HIGHJohnson Controls -Frick Quantum HD- Unauthenticated Remote Code ExecutionEPSS 0.4%CVE-2025-14166MEDIUMWPMasterToolKit (WPMTK) <= 2.13.0 - Authenticated (Contributor+) Code InjectionEPSS 0.4%CVE-2024-28699HIGHA buffer overflow vulnerability in pdf2json v0.70 allows a local attacker to execute arbitrary code via the GString::copy() and ImgOutputDevEPSS 0.4%CVE-2026-49143HIGHBrowserStack Runner 0.9.5 Unauthenticated RCE via /_log HTTP HandlerEPSS 0.4%CVE-2026-21657HIGHJohnson Controls -Frick Quantum HD- Unauthenticated Remote Code ExecutionEPSS 0.4%CVE-2025-14691MEDIUMMayan EDMS authentication cross site scriptingEPSS 0.4%CVE-2026-5584MEDIUMFosowl agenticSeek query Endpoint PyInterpreter.py PyInterpreter.execute code injectionEPSS 0.4%CVE-2024-12844MEDIUMEmlog Pro store.php cross site scriptingEPSS 0.4%