Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2025-5298 HIGH

Campcodes Online Hospital Management System 1.0 - SQL Injection via fromdate/todate Parameter

CVE-2025-5252 HIGH

PHPGurukul News Portal Project 4.1 - SQL Injection via emailid Parameter

CVE-2025-5251 HIGH

PHPGurukul News Portal Project 4.1 - SQL Injection via Category Parameter in edit-subcategory.php

CVE-2025-5250 HIGH

PHPGurukul News Portal Project 4.1 - SQL Injection via Category Argument in Edit Category

CVE-2025-5249 HIGH

PHPGurukul News Portal Project 4.1 - SQL Injection via Category Parameter in add-category.php

CVE-2025-5248 HIGH

PHPGurukul Company Visitor Management System 1.0 - SQL Injection via fromdate/todate Parameter

CVE-2025-5246 HIGH

Campcodes Online Hospital Management System 1.0 - SQL Injection via adminremark Parameter

CVE-2025-5232 MEDIUM

PHPGurukul Student Study Center Management System 1.0 - SQL Injection via Report Date Parameters

CVE-2025-5231 HIGH

PHPGurukul Company Visitor Management System 1.0 - SQL Injection via Forgot Password Email Parameter

CVE-2025-5230 HIGH

PHPGurukul Online Nurse Hiring System 1.0 - SQL Injection via fromdate/todate Argument

CVE-2025-5229 HIGH

Campcodes Online Hospital Management System 1.0 - SQL Injection via viewid Parameter

CVE-2025-5227 HIGH

PHPGurukul Small CRM 3.0 - SQL Injection via aremark Parameter

CVE-2025-5226 HIGH

PHPGurukul Small CRM 3.0 - SQL Injection via oldpass Parameter

CVE-2025-5225 HIGH

Campcodes Advanced Online Voting System 1.0 - SQL Injection via Voter Parameter

CVE-2025-5224 HIGH

Campcodes Online Hospital Management System 1.0 - SQL Injection via Doctorspecialization Parameter

CVE-2025-5216 HIGH

PHPGurukul Student Record System 3.20 - SQL Injection via /login.php ID Parameter

CVE-2025-5214 HIGH

Kashipara Responsive Online Learning Platform 1.0 - SQL Injection via ID Parameter

CVE-2025-5213 HIGH

Responsive E-Learning System 1.0 - SQL Injection via /admin/delete_file.php ID Parameter

CVE-2025-5212 HIGH

PHPGurukul Employee Record Management System 1.3 - SQL Injection via emp1name Parameter

CVE-2025-5211 HIGH

PHPGurukul Employee Record Management System 1.3 - SQL Injection via EmpCode Parameter

CVE-2025-5210 HIGH

PHPGurukul Employee Record Management System 1.3 - SQL Injection via Email Parameter in loginerms.php

CVE-2025-5208 HIGH

Online Hospital Management System 1.0 - SQL Injection via Email Parameter in check_availability.php

CVE-2025-5207 MEDIUM

Client Database Management System 1.0 - SQL Injection via /superadmin_update_profile.php Nickname/Email Parameter

CVE-2025-5206 MEDIUM

Pixelimity 1.0 - SQL Injection via /install/index.php site_description Parameter

CVE-2025-5205 HIGH

1000 Projects Daily College Class Work Report Book 1.0 - SQL Injection via Date Parameter in /dcwr_entry.php

Previous Page 109 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy