CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74
CVE-2025-3540 HIGH
H3C Magic NX15-400 & R3010 - Command Injection
CVSS 8.0
CVE-2025-3539 HIGH
H3C Magic NX15, NX30 Pro, NX400, R3010, BE18000 < V100R014 - Command Injection via FCGI_CheckStringIfContainsSemicolon
CVSS 8.0
CVE-2025-3534 MEDIUM
PowerCreator CMS 1.0 - SQL Injection
CVSS 6.3
CVE-2025-32699 LOW
MediaWiki <1.39.12, 1.42.6, 1.43.1 - Code Injection
CVE-2025-3402 MEDIUM
Seeyon Zhiyuan Interconnect FE 5.5.2 SQL Injection via /sysform/042/check.js%70
CVSS 6.3
CVE-2025-3401 HIGH
ESAFENET CDG 5.6.3.154.205_20250114 - SQL Injection via noticeId Parameter
CVSS 7.3
CVE-2025-3400 HIGH
ESAFENET CDG 5.6.3.154.205_20250114 - SQL Injection via typename Parameter in UnChkMailApplication.jsp
CVSS 7.3
CVE-2025-3399 HIGH
ESAFENET CDG 5.6.3.154.205_20250114 - SQL Injection
CVSS 7.3
CVE-2025-3384 HIGH
1000 Projects HRMS 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3383 HIGH
Web-based Pharmacy Product Management System 1.0 - SQL Injection via Name Parameter in search_sales.php
CVSS 7.3
CVE-2025-3382 MEDIUM
joey-zhou xiaozhi-esp32-server-java <a14fe8115842ee42ab5c7a51706b8a...
CVSS 6.3
CVE-2025-3370 HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3369 MEDIUM
xxyopen Novel-Plus 5.1.0 - SQL Injection
CVSS 6.3
CVE-2025-3353 HIGH
PHPGurukul Men Salon Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3352 HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3351 HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3350 HIGH
PHPGurukul Old Age Home Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3348 MEDIUM
Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3347 MEDIUM
Patient Record Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-3345 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3344 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3343 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3342 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3341 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-3340 HIGH
Codeprojects Online Restaurant Management System 1.0 - SQL Injection
CVSS 7.3
Details
Vulnerabilities 4,808
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits