CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74
CVE-2025-4074 HIGH
PHPGurukul Curfew e-Pass Management System 1.0 - SQL Injection via fromdate/todate Parameter
CVSS 7.3
CVE-2025-4073 HIGH
PHPGurukul Student Record System 3.20 - SQL Injection via Change Password Current Password Parameter
CVSS 7.3
CVE-2025-4072 MEDIUM
PHPGurukul Online Nurse Hiring System 1.0 - SQL Injection via /admin/edit-nurse.php
CVSS 6.3
CVE-2025-4071 HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Status Parameter
CVSS 7.3
CVE-2025-4070 HIGH
PHPGurukul Rail Pass Management System 1.0 - SQL Injection via editid Parameter
CVSS 7.3
CVE-2025-4060 HIGH
PHPGurukul Notice Board System 1.0 - SQL Injection via catname Parameter
CVSS 7.3
CVE-2025-4058 HIGH
Projectworlds Online Examination System 1.0 - SQL Injection via Pat_BloodGroup1 Parameter
CVSS 7.3
CVE-2025-4039 HIGH
PHPGurukul Rail Pass Management System 1.0 - SQL Injection via searchdata Parameter
CVSS 7.3
CVE-2025-4034 HIGH
projectworlds Online Examination System 1.0 - SQL Injection via Doc_ID Parameter
CVSS 7.3
CVE-2025-4033 HIGH
PHPGurukul Nipah Virus Testing Management System 1.0 - SQL Injection via Patient Search Report Parameter
CVSS 7.3
CVE-2025-4031 HIGH
PHPGurukul Pre-School Enrollment System 1.0 - SQL Injection via pagetitle Parameter
CVSS 7.3
CVE-2025-4030 HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Search Report Result Parameter
CVSS 7.3
CVE-2025-4028 HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Profile Mobile Number Parameter
CVSS 7.3
CVE-2025-4027 HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection via pagetitle Parameter
CVSS 7.3
CVE-2025-4026 HIGH
PHPGurukul Nipah Virus Testing Management System 1.0 - SQL Injection via Profile Adminname or Mobilenumber Parameter
CVSS 7.3
CVE-2025-4025 HIGH
Placement Management System 1.0 - SQL Injection via Name Parameter in registration.php
CVSS 7.3
CVE-2025-4024 HIGH
Placement Management System 1.0 - SQL Injection via drive_title Parameter
CVSS 7.3
CVE-2025-4023 HIGH
Placement Management System 1.0 - SQL Injection via Name Parameter in add_company.php
CVSS 7.3
CVE-2025-4022 MEDIUM
webarena < 0.2.0 - Remote Code Execution via HTMLContentEvaluator URL Argument
CVSS 6.3
CVE-2025-4021 MEDIUM
code-projects Patient Record Management System 1.0 - SQL Injection via ID Parameter in /edit_spatient.php
CVSS 6.3
CVE-2025-4020 HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection via contact.php fname Parameter
CVSS 7.3
CVE-2025-4014 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection via /admin/manage-art-medium.php artmed Parameter
CVSS 7.3
CVE-2025-4013 HIGH
PHPGurukul Art Gallery Management System 1.0 - SQL Injection via pagetitle Parameter
CVSS 7.3
CVE-2025-4005 HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Patient Report Search Parameter
CVSS 7.3
CVE-2025-4004 HIGH
PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection via Password Recovery Username/Contact Parameter
CVSS 7.3
Details
Vulnerabilities 4,808
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits