Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,184 vulnerabilities with CWE-94

CVE-2026-7596 MEDIUM

nextlevelbuilder ui-ux-pro-max-skill Slide Generator generate-slide.py data.get cross site scripting

CVE-2026-7595 MEDIUM

nextlevelbuilder ui-ux-pro-max-skill Tailwind Config Generator tailwind_config_gen.py _format_plugins code injection

CVE-2026-7580 MEDIUM

Exiftool JPEG/QuickTime/MOV/MP4 GM.pm Process_mrld code injection

CVE-2026-7508 MEDIUM

Bootstrap CMS Page Creation show.blade.php code injection

CVE-2026-6543 HIGH

Authenticated Remote Code Execution Vulnerability in Langflow Code Validation Endpoint

CVE-2026-7501 LOW

LinkStackOrg LinkStack UserController.php editPage cross site scripting

CVE-2026-7401 MEDIUM

SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scripting

CVE-2026-34965 HIGH

Cockpit CMS Authenticated Remote Code Execution via Collections

CVE-2026-7466 HIGH

AgentFlow Arbitrary Python Pipeline Execution via pipeline_path

CVE-2026-7390 LOW

SourceCodester Pharmacy Sales and Inventory System index.php customer cross site scripting

CVE-2026-7388 MEDIUM

EyouCMS Template File FilemanagerLogic.php editFile code injection

CVE-2026-7297 LOW

SourceCodester Pizzafy Ecommerce System ajax.php save_user cross site scripting

CVE-2026-7296 LOW

SourceCodester Pizzafy Ecommerce System ajax.php save_order cross site scripting

CVE-2026-7295 LOW

SourceCodester Pizzafy Ecommerce System ajax.php save_menu cross site scripting

CVE-2026-7294 LOW

SourceCodester Pizzafy Ecommerce System index.php save_settings cross site scripting

CVE-2026-27760 HIGH

OpenCATS PHP Code Injection via installer AJAX endpoint

CVE-2026-7281 LOW

SourceCodester Pharmacy Sales and Inventory System index.php supplier cross site scripting

CVE-2026-7269 LOW

SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

CVE-2026-7230 MEDIUM

SourceCodester Safety Anger Pad cross site scripting

CVE-2026-40967 HIGH

Spring AI 1.0.0-1.0.5 - Code Injection

CVE-2026-7222 LOW

code-projects Coaching Management System Complaint Form complaint.php cross site scripting

CVE-2026-7200 MEDIUM

SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

CVE-2026-7191 HIGH

Arbitrary Code Execution via Sandbox Bypass in the open source solution QnABot on AWS

CVE-2026-7129 MEDIUM

SourceCodester Pharmacy Sales and Inventory System index.php cross site scripting

CVE-2026-7116 MEDIUM

code-projects Employee Management System mark.php cross site scripting

Page 1 of 248 Next

Details

Vulnerabilities 6,184

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy