Fallos del tipo CWE-94

3778 resultados
CVE-2025-4862MEDIUMPHPGurukul Directory Management System searchdata.php cross site scriptingEPSS 0.4%CVE-2024-12930MEDIUMcode-projects Simple Admin Panel addCatController.php cross site scriptingEPSS 0.4%CVE-2024-13202MEDIUMwander-chu SpringBoot-Blog Blog Article PageController.java modifiyArticle cross site scriptingEPSS 0.4%CVE-2024-12933MEDIUMcode-projects Simple Admin Panel updateItemController.php cross site scriptingEPSS 0.4%CVE-2024-12932MEDIUMcode-projects Simple Admin Panel addSizeController.php cross site scriptingEPSS 0.4%CVE-2024-47879HIGHOpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)EPSS 0.4%CVE-2026-11518MEDIUMSourceCodester Inventory System User Management users.php cross site scriptingEPSS 0.4%CVE-2024-54999MEDIUMMonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module.EPSS 0.4%CVE-2026-32719MEDIUMAnythingLLM has a Zip Slip Path Traversal and Code Execution via Community Hub Plugin ImportEPSS 0.4%CVE-2026-5739MEDIUMPowerJob OpenAPI Endpoint addWorkflowNode GroovyEvaluator.evaluate code injectionEPSS 0.4%CVE-2024-12842MEDIUMEmlog Pro user.php cross site scriptingEPSS 0.4%CVE-2026-5971MEDIUMFoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injectionEPSS 0.4%CVE-2026-30887CRITICALOneUptime Affected by Unsandboxed Code Execution in Probe Allows Any Project Member to Achieve RCEEPSS 0.4%CVE-2026-22314CRITICALImproper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server ComEPSS 0.4%CVE-2026-5970MEDIUMFoundationAgents MetaGPT HumanEvalBenchmark/MBPPBenchmark check_solution code injectionEPSS 0.4%CVE-2025-61773HIGHpyLoad CNL and captcha handlers allow code Injection via unsanitized parametersEPSS 0.4%CVE-2026-28797HIGHRAGFlow: Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in Agent "Text Processing" ComponentEPSS 0.4%CVE-2025-6700MEDIUMXuxueli xxl-sso login cross site scriptingEPSS 0.4%CVE-2025-8346MEDIUMPortabilis i-Educar educar_aluno_lst.php cross site scriptingEPSS 0.4%CVE-2025-14730MEDIUMCTCMS Content Management System Backend System Configuration Ct_Config.php code injectionEPSS 0.4%