Weaknesses of type CWE-94

3,778 results
CVE-2026-2159MEDIUMSourceCodester Simple Responsive Tourism Website Registration Master.php cross site scriptingEPSS 0.4%CVE-2025-5505MEDIUMTOTOLINK A3002RU Virtual Server Page formPortFw cross site scriptingEPSS 0.4%CVE-2026-0500CRITICALRemote code execution in SAP Wily Introscope Enterprise Manager (WorkStation)EPSS 0.4%CVE-2025-4075MEDIUMVMSMan login.php cross site scriptingEPSS 0.4%CVE-2026-56049HIGHWordPress Post Snippets plugin <= 4.0.19 - Remote Code Execution (RCE) vulnerabilityEPSS 0.4%CVE-2025-12302MEDIUMcode-projects Simple Food Ordering System editproduct.php cross site scriptingEPSS 0.4%CVE-2024-13023MEDIUMPHPGurukul Maid Hiring Management System Search Maid Page search-maid.php cross site scriptingEPSS 0.4%CVE-2025-22136HIGHTabby has a TCC Bypass via Misconfigured Node FusesEPSS 0.4%CVE-2025-12298MEDIUMcode-projects Simple Food Ordering System editcategory.php cross site scriptingEPSS 0.4%CVE-2025-2196MEDIUMMRCMS org.marker.mushroom.controller.FileController upload.do upload cross site scriptingEPSS 0.4%CVE-2026-57315HIGHWordPress Blocksy Companion Pro plugin <= 2.1.45 - Remote Code Execution (RCE) vulnerabilityEPSS 0.4%CVE-2025-5010MEDIUMmoonlightL hexo-boot Blog Backend index.html cross site scriptingEPSS 0.4%CVE-2025-2213MEDIUMCastlenet CBW383G2N Wireless Menu wlanPrimaryNetwork.asp cross site scriptingEPSS 0.4%CVE-2025-5011MEDIUMmoonlightL hexo-boot Dynamic List Page index.html cross site scriptingEPSS 0.4%CVE-2024-36120HIGHjavascript-deobfuscator crafted payload can lead to code executionEPSS 0.3%CVE-2025-9728MEDIUMgivanz Vvveb login.tpl cross site scriptingEPSS 0.3%CVE-2026-3962MEDIUMJcharis Machine-Learning-Web-Apps Jinja2 Template app.py render_template cross site scriptingEPSS 0.3%CVE-2026-14383HIGHInappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandEPSS 0.3%CVE-2025-67035CRITICALAn issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilEPSS 0.3%CVE-2024-13076MEDIUMPHPGurukul Land Record System edit-propertytype.php cross site scriptingEPSS 0.3%