Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2025-5176 HIGH

Realce Tecnologia Queue Ticket Kiosk < 2025-05-17 - SQL Injection via Admin Login Page Usurio Parameter

CVE-2025-5172 HIGH

econtrata < 2025-05-16 - SQL Injection via /valida usuario Parameter

CVE-2025-5170 MEDIUM

llisoft MTA Maita Training System 4.5 - SQL Injection via AdminShitiListRequestVo stTypeIds Parameter

CVE-2025-5155 MEDIUM

FoxCMS 1.2.5 - SQL Injection via batchCope Function

CVE-2025-5152 MEDIUM

Chanjet CRM < 20250510 - SQL Injection via gblOrgID Parameter

CVE-2025-5151 MEDIUM

defog introspect < 0.1.4 - Code Injection in execute_analysis_code_safely

CVE-2025-5147 MEDIUM

Netcore NBR1005GPEV2-20250508 - Command Injection

CVE-2025-5146 MEDIUM

Netcore NBR1005GPEV2-20250508 - Command Injection

CVE-2025-5145 MEDIUM

Netcore Multiple Devices < 20250508 - OS Command Injection via Query String

CVE-2025-5139 MEDIUM

Qualitor 8.20/8.24 - Command Injection via nmconexao Argument in Office 365 Connection Handler

CVE-2025-5137 MEDIUM

DedeCMS 5.7.117 - Remote Code Injection via sys_verifies.php refiles Parameter

CVE-2025-5128 HIGH

ScriptAndTools Real-Estate-website-in-PHP 1.0 - SQL Injection via Admin Login Panel Password Argument

CVE-2025-5126 HIGH

FLIR AX8 Firmware 1.46.0-1.46.16 - Remote Command Injection via setDataTime Function

CVE-2025-5119 HIGH

Emlog Pro 2.5.11 - SQL Injection via Tag Parameter in API Controller

CVE-2025-5107 MEDIUM

Fujian Kelixun 1.0 - SQL Injection via uuid Parameter in xml_cdr_details.php

CVE-2025-5081 HIGH

Campcodes Cybercafe Management System 1.0 - SQL Injection

CVE-2025-5079 HIGH

PHPGurukul/Campcodes Online Shopping Portal 1.0 - SQL Injection

CVE-2025-5078 HIGH

PHPGurukul/Campcodes Online Shopping Portal 1.0 - SQL Injection

CVE-2025-5077 HIGH

Campcodes Online Shopping Portal 1.0 - SQL Injection

CVE-2025-5057 HIGH

Campcodes Online Shopping Portal 1.0 - SQL Injection

CVE-2025-5056 HIGH

Campcodes Online Shopping Portal 1.0 - SQL Injection

CVE-2025-5032 HIGH

Campcodes Online Shopping Portal 1.0 - SQL Injection

CVE-2025-20256 MEDIUM

Cisco Secure Network Analytics - RCE

CVE-2025-5008 HIGH

projectworlds Online Time Table Generator 1.0 - SQL Injection

CVE-2025-5006 HIGH

Campcodes Online Shopping Portal 1.0 - SQL Injection

Previous Page 110 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy