Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-94

CWE-94

Medium likelihood

Improper Control of Generation of Code ('Code Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

6,492 vulnerabilities with CWE-94

CVE-2025-5797 LOW

code-projects simple_laundry_system 1.0 - Cross-Site Scripting via Type Parameter in insert_type.php

CVE-2025-5796 LOW

code-projects simple_laundry_system 1.0 - Cross-Site Scripting via Type Parameter in edit_type.php

CVE-2025-5765 LOW

code-projects simple_laundry_system 1.0 - Cross-Site Scripting via Customer Parameter in edit_laundry.php

CVE-2025-5764 LOW

code-projects simple_laundry_system 1.0 - Cross-Site Scripting via Customer Parameter in insert_laundry.php

CVE-2025-49250 MEDIUM

cmoreira Team Showcase - Code Injection

CVE-2025-41365 MEDIUM

IDF v0.10.0-0C03-03 & ZLF v0.10.0-0C03-04 - Code Injection

CVE-2025-41362 MEDIUM

IDF v0.10.0-0C03-03 & ZLF v0.10.0-0C03-04 - Code Injection

CVE-2025-5757 LOW

Traffic Offense Reporting System 1.0 - Cross-Site Scripting via /save-reported.php Parameter Manipulation

CVE-2025-5727 LOW

Student Result Management System 1.0 - Stored Cross-Site Scripting in Announcement Page Title Field

CVE-2025-5726 LOW

SourceCodester Student Result Management System 1.0 - Stored Cross-Site Scripting in Division System Page

CVE-2025-5725 LOW

SourceCodester Student Result Management System 1.0 - Stored Cross-Site Scripting in Grading System Remark Field

CVE-2025-5724 LOW

Student Result Management System 1.0 - Stored Cross-Site Scripting in Subjects Page

CVE-2025-5723 LOW

Student Result Management System 1.0 - Stored Cross-Site Scripting in Classes Page Class Name Field

CVE-2025-5722 LOW

Student Result Management System 1.0 - Stored Cross-Site Scripting in Academic Term Field

CVE-2025-5721 LOW

Student Result Management System 1.0 - Stored Cross-Site Scripting in Profile Setting Page

CVE-2025-5713 LOW

Isolucoesweb Solucoescoop < 2025-05-19 - Code Injection

CVE-2025-5661 LOW

Traffic Offense Reporting System 1.0 - Cross-Site Scripting via site_name Parameter in Setting Handler

CVE-2025-5651 LOW

Traffic Offense Reporting System 1.0 - Cross-Site Scripting via saveuser.php User Input

CVE-2025-5628 LOW

SourceCodester Food Menu Manager 1.0 - Cross-Site Scripting via Add Menu Handler

CVE-2025-5584 LOW

PHPGurukul Hospital Management System 4.0 - XSS

CVE-2025-5543 LOW

TOTOLINK X2000R 1.0.0-B20230726.1108 - XSS

CVE-2025-5542 LOW

TOTOLINK X2000R 1.0.0-B20230726.1108 - XSS

CVE-2025-5523 LOW

enilu web-flash 1.0 - Cross-Site Scripting via File Upload Argument

CVE-2025-35036 HIGH

Hibernate Validator < 6.2.0 - Code Injection via Expression Language Interpolation

CVE-2025-5516 LOW

TOTOLINK X2000R 1.0.0-B20230726.1108 - XSS

Previous Page 67 of 260 Next

Details

Vulnerabilities 6,492

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy