Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2025-3998 HIGH

CodeAstro Membership Mgmt 1.0 - SQL Injection

CVE-2025-3987 MEDIUM

TOTOLINK N150RT 3.4.0-B20190525 - Command Injection

CVE-2025-3984 MEDIUM

Apereo CAS 5.2.6 - Code Injection in Groovy Code Handler

CVE-2025-3983 MEDIUM

AMTT Hotel Broadband Operation System 1.0 - Command Injection

CVE-2025-3976 HIGH

PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection

CVE-2025-3974 HIGH

PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection

CVE-2025-3973 HIGH

PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection

CVE-2025-3972 HIGH

PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection

CVE-2025-3971 HIGH

PHPGurukul COVID19 Testing Management System 1.0 - SQL Injection

CVE-2025-3968 MEDIUM

codeprojects News Publishing Site Dashboard 1.0 - SQL Injection

CVE-2025-3957 MEDIUM

opplus springboot-admin 1.0 - SQL Injection

CVE-2025-3956 MEDIUM

novel-cloud 1.4.0 - SQL Injection via BookInfoMapper.xml RestResp Function

CVE-2025-3955 MEDIUM

Codeprojects Patient Record Management System 1.0 - SQL Injection

CVE-2025-3856 MEDIUM

xxyopen Novel-Plus 5.1.0 - SQL Injection via searchByPage Sort Parameter

CVE-2025-3847 HIGH

markparticle WebServer <= 1.0 - SQL Injection via Login Username/Password Parameter

CVE-2025-3846 HIGH

markparticle WebServer <= 1.0 - SQL Injection via Registration Username/Password

CVE-2025-3842 MEDIUM

panhainan DS-Java 1.0 - Remote Code Execution via File Upload Parameter

CVE-2025-43955 LOW

Convertigo < 8.3.4 - Exposed Dangerous Method via TwsCachedXPathAPI

CVE-2025-3829 HIGH

PHPGurukul Men Salon Management System 1.0 - SQL Injection via fromdate/todate Parameters

CVE-2025-3828 HIGH

PHPGurukul Men Salon Management System 1.0 - SQL Injection via Remark Parameter

CVE-2025-3827 HIGH

PHPGurukul Men Salon Management System 1.0 - SQL Injection via Forgot Password Email Parameter

CVE-2025-3819 HIGH

PHPGurukul Men Salon Management System 1.0 - SQL Injection via searchdata Parameter

CVE-2025-3818 MEDIUM

web.py 0.70 - SQL Injection via PostgresDB._process_insert_query

CVE-2025-3817 MEDIUM

SourceCodester Online Eyewear Shop 1.0 - SQL Injection via ID Parameter in Master.php

CVE-2025-3805 MEDIUM

sarrionandia tournatrack - Code Injection

Previous Page 122 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy