Weaknesses of type CWE-94

3,781 results
CVE-2025-8545MEDIUMPortabilis i-Educar educar_motivo_afastamento_cad.php cross site scriptingEPSS 0.3%CVE-2021-3661HIGHA potential security vulnerability has been identified in certain HP Workstation BIOS (UEFI firmware) which may allow arbitrary code executiEPSS 0.3%CVE-2025-8847MEDIUMyangzongzhuan RuoYi edit cross site scriptingEPSS 0.3%CVE-2025-2590MEDIUMcode-projects Human Resource Management System recruitment.go UpdateRecruitmentById cross site scriptingEPSS 0.3%CVE-2025-67037HIGHAn issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "tunnel" parameter when kiEPSS 0.3%CVE-2025-9736MEDIUMO2OA Personal Profile statement cross site scriptingEPSS 0.3%CVE-2025-9737MEDIUMO2OA Personal Profile importmodel cross site scriptingEPSS 0.3%CVE-2024-13196MEDIUMdonglight bookstore电商书城系统说明 BookInfoController.java BookSearchList cross site scriptingEPSS 0.3%CVE-2025-9734MEDIUMO2OA Personal Profile stat cross site scriptingEPSS 0.3%CVE-2025-67036HIGHAn issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a EPSS 0.3%CVE-2026-6184MEDIUMcode-projects Simple Content Management System welcome.php cross site scriptingEPSS 0.3%CVE-2024-3958MEDIUMImproper Control of Generation of Code ('Code Injection') in GitLabEPSS 0.3%CVE-2026-6125MEDIUMDromara warm-flow Workflow Definition save-json SpelHelper.parseExpression code injectionEPSS 0.3%CVE-2025-9718MEDIUMO2OA Personal Profile process cross site scriptingEPSS 0.3%CVE-2025-3385MEDIUMLinZhaoguan pb-cms Classification Management Page cross site scriptingEPSS 0.3%CVE-2023-28793HIGHHeap Based Buffer Overflow in LibraryEPSS 0.3%CVE-2025-3386MEDIUMLinZhaoguan pb-cms Friendship Link admin#links cross site scriptingEPSS 0.3%CVE-2024-13033MEDIUMcode-projects Chat System chatroom.php cross site scriptingEPSS 0.3%CVE-2024-29409MEDIUMFile Upload vulnerability in nestjs nest v.10.3.2 allows a remote attacker to execute arbitrary code via the Content-Type header.EPSS 0.3%CVE-2025-5516MEDIUMTOTOLINK X2000R URL Filtering Page formFilter cross site scriptingEPSS 0.3%