Weaknesses of type CWE-94
3,784 resultsCVE-2025-7872MEDIUMPortabilis i-Diario justificativas-de-falta cross site scriptingEPSS 0.3%CVE-2025-7871MEDIUMPortabilis i-Diario conteudos cross site scriptingEPSS 0.3%CVE-2024-47826LOWeLabFTW vulnerable to HTML Injection in extended search error messageEPSS 0.3%CVE-2025-3422MEDIUMEverest Forms <= 3.1.1 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.3%CVE-2026-4474MEDIUMitsourcecode University Management System admin_single_student_update.php cross site scriptingEPSS 0.3%CVE-2024-4202HIGHProgress Telerik Reporting Local Instantiation VulnerabilityEPSS 0.3%CVE-2025-70844MEDIUMyaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript into the "Add Account Group" function EPSS 0.3%CVE-2026-3721MEDIUM1024-lab/lab1024 SmartAdmin Help Documentation HelpDocAddForm.java cross site scriptingEPSS 0.3%CVE-2025-13793MEDIUMwinston-dsouza Ecommerce-Website GET Parameter header_menu.php cross site scriptingEPSS 0.3%CVE-2026-3812MEDIUMitsourcecode Payroll Management System manage_employee_allowances.php cross site scriptingEPSS 0.3%CVE-2026-5255MEDIUMcode-projects Simple Laundry System Parameter delstaffinfo.php cross site scriptingEPSS 0.3%CVE-2025-23264HIGHNVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by prEPSS 0.3%CVE-2026-3412MEDIUMitsourcecode University Management System att_single_view.php cross site scriptingEPSS 0.3%CVE-2026-4849MEDIUMcode-projects Simple Laundry System Parameter modify.php cross site scriptingEPSS 0.3%CVE-2025-5628MEDIUMSourceCodester Food Menu Manager Add Menu index.php cross site scriptingEPSS 0.3%CVE-2025-1591MEDIUMSourceCodester Employee Management System Department Page department.php cross site scriptingEPSS 0.3%CVE-2026-27984CRITICALWordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerabilityEPSS 0.3%CVE-2025-23265HIGHNVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an attacker may cause a code injection issue by prEPSS 0.3%CVE-2025-65829MEDIUMThe ESP32 system on a chip (SoC) that powers the Meatmeet basestation device was found to lack Secure Boot. The Secure Boot feature ensures EPSS 0.3%CVE-2025-14962MEDIUMcode-projects Simple Stock System chatuser.php cross site scriptingEPSS 0.3%