Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2025-4695 MEDIUM

PHPGurukul/Campcodes Cyber Cafe Management System 1.0 - SQL Injection

CVE-2025-32390 HIGH

EspoCRM < 9.0.8 - Authenticated HTML Injection in Knowledge Base Articles

CVE-2025-4554 HIGH

PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via fromdate/todate Parameters

CVE-2025-4553 HIGH

PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via fromdate/todate Parameters

CVE-2025-4550 HIGH

PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via /admin/pass-details.php pid Parameter

CVE-2025-4549 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via Name Parameter in Register Router

CVE-2025-4548 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via Username Parameter in router.php

CVE-2025-4546 MEDIUM

1Panel-dev MaxKB <1.10.7 - CSV Injection

CVE-2025-4543 HIGH

LyLme Spage 2.1 - SQL Injection via sort Argument

CVE-2025-4541 MEDIUM

lmxcms 1.41 - SQL Injection via POST Request Handler sortid Parameter

CVE-2025-4531 MEDIUM

Seeyon Zhiyuan OA Web Application System 8.1 SP2 - Remote Code Injection via payrollId Argument

CVE-2025-4514 MEDIUM

mayicms < 5.8e - SQL Injection via /javascript.php Value Parameter

CVE-2025-4510 MEDIUM

Changjietong UFIDA CRM 1.0 - SQL Injection

CVE-2025-4509 HIGH

PHPGurukul e-Diary Management System 1.0 - SQL Injection via ID Parameter in manage-notes.php

CVE-2025-4508 HIGH

PHPGurukul e-Diary Management System 1.0 - SQL Injection via fname Parameter

CVE-2025-4507 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via Price Parameter in add-item.php

CVE-2025-4506 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via menu-router.php 1_price Parameter

CVE-2025-4505 HIGH

PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via categoryname Parameter

CVE-2025-4504 HIGH

Online College Library System 1.0 - SQL Injection via Category Parameter

CVE-2025-4503 HIGH

Campcodes Sales and Inventory System 1.0 - SQL Injection via Customer Update ID Parameter

CVE-2025-4502 HIGH

Campcodes Sales and Inventory System 1.0 - SQL Injection via /pages/creditor_add.php

CVE-2025-4492 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via ticket_id Parameter

CVE-2025-4491 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via ticket_id Parameter

CVE-2025-4490 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via /view-ticket-admin.php ID Parameter

CVE-2025-4489 HIGH

Campcodes Online Food Ordering System 1.0 - SQL Injection via t1_verified Parameter

Previous Page 116 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy