Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2025-4780 MEDIUM

PHPGurukul Park Ticketing Management System 2.0 - SQL Injection via searchdata Parameter in foreigner-search.php

CVE-2025-4778 MEDIUM

PHPGurukul Park Ticketing Management System 2.0 - SQL Injection via searchdata Parameter

CVE-2025-4777 MEDIUM

PHPGurukul Park Ticketing Management System 2.0 - SQL Injection via viewid Parameter

CVE-2025-4773 HIGH

PHPGurukul Online Course Registration 3.1 - SQL Injection via /admin/level.php level Parameter

CVE-2025-4772 HIGH

PHPGurukul Online Course Registration 3.1 - SQL Injection via Department Parameter

CVE-2025-4771 HIGH

PHPGurukul Online Course Registration 3.1 - SQL Injection via coursecode Parameter

CVE-2025-4770 MEDIUM

PHPGurukul Park Ticketing Management System 2.0 - SQL Injection via viewid Parameter

CVE-2025-4767 MEDIUM

defog-ai introspect <= 0.1.4 - Code Injection via Test Endpoint Input Model

CVE-2025-4766 HIGH

PHPGurukul Zoo Management System 2.1 - SQL Injection via Profile Contact Number Parameter

CVE-2025-4765 HIGH

PHPGurukul Zoo Management System 2.1 - SQL Injection via mobnum Parameter in Contactus

CVE-2025-4761 HIGH

PHPGurukul Complaint Management System 2.0 - SQL Injection via Mobile Number Parameter

CVE-2025-4758 HIGH

PHPGurukul Beauty Parlour Management System 1.1 - SQL Injection via Contact Form fname Parameter

CVE-2025-4757 HIGH

PHPGurukul Beauty Parlour Management System 1.1 - SQL Injection via Forgot Password Email Parameter

CVE-2025-4747 MEDIUM

Bohua NetDragon Firewall 1.0 - Command Injection

CVE-2025-4746 HIGH

Campcodes Sales and Inventory System 1.0 - SQL Injection via pr_id Parameter in purchase_delete.php

CVE-2025-4743 MEDIUM

Employee Record System 1.0 - SQL Injection via /dashboard/getData.php keywords Parameter

CVE-2025-4741 HIGH

Campcodes Sales and Inventory System 1.0 - SQL Injection via Purchase Add Page ID Parameter

CVE-2025-4739 HIGH

projectworlds Hospital Database Management System 1.0 - SQL Injection via Med_ID Parameter

CVE-2025-4736 HIGH

PHPGurukul Daily Expense Tracker 1.1 - SQL Injection via Email Parameter in Register Endpoint

CVE-2025-4734 HIGH

Campcodes Sales and Inventory System 1.0 - SQL Injection via /pages/ci_update.php id/name Parameter

CVE-2025-4729 MEDIUM

TOTOLINK A3002R and A3002RU 3.0.0-B20230809.1615 - OS Command Injection via macstr Parameter

CVE-2025-4728 HIGH

Best Online News Portal 1.0 - SQL Injection via searchtitle Parameter

CVE-2025-4726 HIGH

Placement Management System 1.0 - SQL Injection via ID Parameter in view_student.php

CVE-2025-4725 HIGH

Placement Management System 1.0 - SQL Injection via ID Parameter in view_drive.php

CVE-2025-4724 HIGH

Placement Management System 1.0 - SQL Injection via /student_profile.php ID Parameter

Previous Page 114 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy