Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,492 vulnerabilities with CWE-94

CVE-2025-6694 LOW

LabRedesCefetRJ WeGIA 3.4.0 - Cross-Site Scripting via Adicionar Unidade Component

CVE-2025-6613 LOW

PHPGurukul Hospital Management System 4.0 - Stored Cross-Site Scripting via Name Parameter in manage-patient.php

CVE-2025-23265 HIGH

NVIDIA Megatron-LM < 0.12.1 - Code Injection via Malicious File

CVE-2025-23264 HIGH

NVIDIA Megatron-LM < 0.12.1 - Code Injection via Malicious File

CVE-2025-6569 MEDIUM

School Fees Payment System 1.0 - XSS

CVE-2025-6551 LOW

java-aodeng Hope-Boot 1.0.0 - Cross-Site Scripting via WebController Login Error Message

CVE-2025-6509 LOW

seaswalker spring-analysis <4379cce848af96997a9d7ef91d594aa129be8d7...

CVE-2025-6512 CRITICAL

Bizerba BRAIN2 < 3.06 - Remote Code Execution via Report Script Injection

CVE-2025-6477 LOW

Student Result Management System 1.0 - Cross-Site Scripting via System Settings Page School Name Parameter

CVE-2025-6475 LOW

Student Result Management System 1.0 - Cross-Site Scripting in Manage Students Module

CVE-2025-6473 MEDIUM

School Fees Payment System 1.0 - Cross-Site Scripting via transcation_remark Parameter

CVE-2025-6452 LOW

CodeAstro Patient Record Management System 1.0 - Cross-Site Scripting via Patient Name Parameter

CVE-2025-6353 LOW

Responsive Blog Site 1.0 - Cross-Site Scripting via Search Keyword Parameter

CVE-2025-49132 CRITICAL

Pterodactyl Panel < 1.11.11 - Unauthenticated Remote Code Execution via Locale Endpoint

CVE-2025-6347 LOW

Responsive Blog Site 1.0/1.12.4/3.3.4 - Cross-Site Scripting in pageViewMembers.php

CVE-2025-6345 LOW

My Food Recipe 1.0 - Cross-Site Scripting via Add Recipe Page Name Parameter

CVE-2025-6340 LOW

School Fees Payment System 1.0 - XSS

CVE-2025-6301 LOW

PHPGurukul Notice Board System 1.0 - XSS

CVE-2025-6288 LOW

PHPGurukul Bus Pass Management System 1.0 - XSS

CVE-2025-6287 LOW

PHPGurukul COVID19 Testing Management System 1.0 - XSS

CVE-2025-6285 MEDIUM

PHPGurukul COVID19 Testing Management System 2021 - XSS

CVE-2025-6268 MEDIUM

Luna Imaging <= 7.5.5.6 - Cross-Site Scripting via Search Query Parameter

CVE-2025-24287 MEDIUM

Veeam Backup for Microsoft Windows 6.2.0.121 - Local Code Execution

CVE-2025-23121 HIGH

Veeam Backup & Replication < 12.3.2.3617 - Authenticated Remote Code Execution

CVE-2025-32798 CRITICAL

conda-build < 25.4.0 - Remote Code Execution via Unsafe Recipe Selector Evaluation

Previous Page 65 of 260 Next

Details

Vulnerabilities 6,492

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy