Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,492 vulnerabilities with CWE-94

CVE-2025-7924 LOW

PHPGurukul Online Banquet Booking System 1.0 - XSS

CVE-2025-0664 MEDIUM

Trellix Endpoint Security (HX) Agent 35.31.28 & >=36.30.0 - Authenticated Code Injection via OpenSSL Config

CVE-2025-7902 LOW

RuoYi < 4.8.1 - Cross-Site Scripting in SysNoticeController addSave Function

CVE-2025-7901 MEDIUM

RuoYi < 4.8.1 - Cross-Site Scripting via Swagger UI configUrl Parameter

CVE-2025-7887 MEDIUM

wikidocs < 1.0.78 - Cross-Site Scripting via path Argument in template.inc.php

CVE-2025-7885 MEDIUM

Huashengdun WebSSH < 1.6.2 - Cross-Site Scripting via Login Page Hostname/Port Parameter

CVE-2025-7872 LOW

Portabilis i-Diario 1.5.0 - Cross-Site Scripting via Justificativa Parameter

CVE-2025-7871 LOW

Portabilis i-Diario 1.5.0 - Cross-Site Scripting via filter[by_description] Parameter

CVE-2025-7870 LOW

Portabilis i-Diario 1.5.0 - Cross-Site Scripting via Anexo Parameter in justificativas-de-falta Endpoint

CVE-2025-7869 LOW

Portabilis i-Educar 2.9.0 - Cross-Site Scripting via Turma Module nm_tipo Parameter

CVE-2025-7868 LOW

Portabilis i-Educar < 2.10.0 - Cross-Site Scripting via Calendar Module Motivo Parameter

CVE-2025-7867 LOW

Portabilis i-Educar 2.9.0/2.10.0 - XSS

CVE-2025-7866 LOW

Portabilis i-Educar 2.9.0 - Cross-Site Scripting via Disabilities Module

CVE-2025-7865 LOW

JeeSite < 5.12.0 - Cross-Site Scripting in XSS Filter

CVE-2025-7858 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7857 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7856 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7840 LOW

Campcodes Online Movie Theater Seat Reservation System 1.0 - XSS

CVE-2025-7819 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7818 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7817 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7816 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7815 LOW

PHPGurukul Apartment Visitors Management System 1.0 - XSS

CVE-2025-7803 LOW

descreekert wx-discuz <12bd4745c63ec203cb32119bf77ead4a923bf277 - XSS

CVE-2025-7802 LOW

PHPGurukul Complaint Management System 2.0 - XSS

Previous Page 61 of 260 Next

Details

Vulnerabilities 6,492

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy