Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,792 vulnerabilities with CWE-74

CVE-2026-8128 HIGH

SourceCodester SUP Online Shopping viewmsg.php sql injection

CVE-2026-8126 HIGH

SourceCodester Comment System post_comment.php sql injection

CVE-2026-8125 MEDIUM

code-projects Simple Chat System sendMessage.php sql injection

CVE-2026-8114 MEDIUM

JeecgBoot JSON Object loadTreeData sql injection

CVE-2026-26164 HIGH

M365 Copilot Information Disclosure Vulnerability

CVE-2026-8098 HIGH

code-projects Feedback System checklogin.php sql injection

CVE-2026-8097 MEDIUM

CodeAstro Online Classroom askquery.php sql injection

CVE-2026-41691 MEDIUM

i18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/ns

CVE-2026-8083 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php save_user sql injection

CVE-2026-7833 HIGH

EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection

CVE-2026-7822 MEDIUM

itsourcecode Courier Management System print_pdets.php sql injection

CVE-2026-7812 HIGH

54yyyu code-mcp MCP Tool server.py git_operation command injection

CVE-2026-7783 MEDIUM

CodeCanyon Perfex CRM Admin Kanban Endpoint AbstractKanban.php applySortQuery sql injection

CVE-2026-7746 MEDIUM

SourceCodester Web-based Pharmacy Product Management System edit-admin.php sql injection

CVE-2026-7745 MEDIUM

CodeAstro Online Classroom facultydetails sql injection

CVE-2026-7744 MEDIUM

CodeAstro Online Classroom addnewstudent sql injection

CVE-2026-7743 MEDIUM

CodeAstro Online Classroom studentdetails sql injection

CVE-2026-7742 MEDIUM

CodeAstro Online Classroom facultylogin sql injection

CVE-2026-7741 MEDIUM

CodeAstro Online Classroom studentlogin sql injection

CVE-2026-7731 MEDIUM

code-projects BloodBank Managing System get_state.php sql injection

CVE-2026-7727 HIGH

Shandong Hoteam Software PDM Product Data Management System DataService GetQueryMachineGridOnePageData sql injection

CVE-2026-7725 MEDIUM

PrefectHQ prefect GitRepository Pull storage.py argument injection

CVE-2026-7721 MEDIUM

Totolink WA300 cstecgi.cgi NTPSyncWithHost command injection

CVE-2026-7720 MEDIUM

Totolink WA300 POST Request cstecgi.cgi setLanguageCfg command injection

CVE-2026-7718 MEDIUM

Totolink WA300 POST Request cstecgi.cgi setWebWlanIdx command injection

Previous Page 10 of 192 Next

Details

Vulnerabilities 4,792

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy