CWE-74

Exploit likelihood: High

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,807 vulnerabilities with CWE-74
CVE-2025-6364 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via Username Parameter in /adduser-exec.php
CVSS 7.3
CVE-2025-6363 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via ingname Parameter
CVSS 7.3
CVE-2025-6362 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via /editpro.php ID Parameter
CVSS 7.3
CVE-2025-6361 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via userid Parameter in adds.php
CVSS 7.3
CVE-2025-6360 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via /portal.php ID Parameter
CVSS 7.3
CVE-2025-6359 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via transactioncode Parameter
CVSS 7.3
CVE-2025-6358 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via ID Parameter in saveorder.php
CVSS 7.3
CVE-2025-6357 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via Payment Portal Person Parameter
CVSS 7.3
CVE-2025-6356 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via /addmem.php
CVSS 7.3
CVE-2025-6355 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via userid Parameter in execeditroom.php
CVSS 7.3
CVE-2025-6354 HIGH
code-projects Online Shoe Store 1.0 - SQL Injection via Email Parameter in Customer Signup
CVSS 7.3
CVE-2025-6351 MEDIUM
Employee Record Management System 1.0 - SQL Injection via emp1name Parameter
CVSS 6.3
CVE-2025-6346 MEDIUM
Advance Charity Management System 1.0 - SQL Injection via m06 Parameter in fundDetails.php
CVSS 6.3
CVE-2025-6344 HIGH
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6343 HIGH
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6342 HIGH
code-projects Online Shoe Store 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6339 HIGH
Ponaravindb Hospital Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6335 MEDIUM
dedecms < 5.7.2 - Remote Command Injection via Template Handler
CVSS 4.7
CVE-2025-6333 MEDIUM
PHPGurukul Directory Management System 2.0 - SQL Injection
CVSS 6.3
CVE-2025-6332 MEDIUM
PHPGurukul Directory Management System 2.0 - SQL Injection
CVSS 6.3
CVE-2025-6331 MEDIUM
PHPGurukul Directory Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-6330 HIGH
PHPGurukul Directory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6323 HIGH
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6322 HIGH
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6321 MEDIUM
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection
CVSS 6.3