Fallos del tipo CWE-94

3801 resultados
CVE-2026-8221MEDIUMDevs Palace ERP Online item-save cross site scriptingEPSS 0.2%CVE-2026-9564MEDIUMSourceCodester/oretnom23 Hospitals Patient Records Management System view_patient cross site scriptingEPSS 0.2%CVE-2026-9377MEDIUMSourceCodester SUP Online Shopping productedit.php cross site scriptingEPSS 0.2%CVE-2026-8253MEDIUMDevs Palace ERP Online purchase_save cross site scriptingEPSS 0.2%CVE-2026-2897MEDIUMfunadmin Backend index.html cross site scriptingEPSS 0.2%CVE-2026-2965MEDIUM07FLYCMS/07FLY-CMS/07FlyCRM System Extension edit.html cross site scriptingEPSS 0.2%CVE-2026-4972MEDIUMcode-projects Online Reviewer System btn_functions.php cross site scriptingEPSS 0.2%CVE-2024-36078MEDIUMIn Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on theEPSS 0.2%CVE-2025-14663MEDIUMcode-projects Student File Management System update_student.php cross site scriptingEPSS 0.2%CVE-2022-22270MEDIUMAn implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact infoEPSS 0.2%CVE-2026-4169MEDIUMTecnick TCExam XML Export tce_xml_users.php F_xml_export_users cross site scriptingEPSS 0.2%CVE-2026-8255MEDIUMDevs Palace ERP Online add_new_customer cross site scriptingEPSS 0.2%CVE-2026-8136MEDIUMSourceCodester Pharmacy Sales and Inventory System index.php users cross site scriptingEPSS 0.2%CVE-2026-7297MEDIUMSourceCodester Pizzafy Ecommerce System ajax.php save_user cross site scriptingEPSS 0.2%CVE-2026-52858HIGHVim: Arbitrary Code Execution via Python Omni-CompletionEPSS 0.2%CVE-2025-33240HIGHNVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code injection. A successfEPSS 0.2%CVE-2025-14991MEDIUMCampcodes Complete Online Beauty Parlor Management System bwdates-reports-details.php cross site scriptingEPSS 0.2%CVE-2025-15172MEDIUMSohuTV CacheCloud RedisConfigTemplateController.java preview cross site scriptingEPSS 0.2%CVE-2025-15146MEDIUMSohuTV CacheCloud UserManageController.java doUserList cross site scriptingEPSS 0.2%CVE-2026-11218MEDIUMInappropriate implementation in PlatformIntegration in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who convincEPSS 0.2%