Weaknesses of type CWE-94
3,783 resultsCVE-2026-3027MEDIUMerzhongxmu JEEWMS UEditor getContent.jsp cross site scriptingEPSS 0.3%CVE-2025-8538MEDIUMPortabilis i-Educar novo cross site scriptingEPSS 0.3%CVE-2025-0228MEDIUMcode-projects Local Storage Todo App index.html cross site scriptingEPSS 0.3%CVE-2025-7866MEDIUMPortabilis i-Educar Disabilities Module educar_deficiencia_lst.php cross site scriptingEPSS 0.3%CVE-2025-6452MEDIUMCodeAstro Patient Record Management System Generate New Report Page cross site scriptingEPSS 0.3%CVE-2026-12811MEDIUMkortix-ai suna Auth Endpoint page.tsx router.push cross site scriptingEPSS 0.3%CVE-2024-11130MEDIUMZZCMS msg.php cross site scriptingEPSS 0.3%CVE-2025-70364HIGHAn issue was discovered in Kiamo before 8.4 allowing authenticated administrative attackers to execute arbitrary PHP code on the server. NOTEPSS 0.3%CVE-2025-10909MEDIUMMangati NovoSGA SVG File admin cross site scriptingEPSS 0.3%CVE-2026-14634MEDIUMkirilkirkov Ecommerce-CodeIgniter-Bootstrap Subscribed Emails Admin MY_Controller.php checkForPostRequests cross site scriptingEPSS 0.3%CVE-2025-23307HIGHNVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A sEPSS 0.3%CVE-2026-39311MEDIUMTrilium Notes: Stored XSS Leads to Unauthorized Remote Code Execution (RCE) via Unsanitized SVG AttachmentsEPSS 0.3%CVE-2025-8521MEDIUMgivanz Vvveb Add Type post-types cross site scriptingEPSS 0.3%CVE-2026-14633MEDIUMkirilkirkov Ecommerce-CodeIgniter-Bootstrap Hidden REST API Endpoint set cross site scriptingEPSS 0.3%CVE-2026-1048MEDIUMLigeroSmart index.pl cross site scriptingEPSS 0.3%CVE-2025-6101MEDIUMletta-ai letta interface.py function_message eval injectionEPSS 0.3%CVE-2024-32925HIGHIn dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remoEPSS 0.3%CVE-2026-4745CRITICALArbitrary Code Execution via Crafted Bytecode in dendibakh/perf-ninjaEPSS 0.3%CVE-2026-5625MEDIUMassafelovic gpt-researcher WebSocket researcher.py cross site scriptingEPSS 0.3%CVE-2025-12920MEDIUMqianfox FoxCMS Product.php edit cross site scriptingEPSS 0.3%