Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2025-2951 MEDIUM

Bluestar Micro Mall 1.0 - SQL Injection

CVE-2025-2927 HIGH

ESAFENET CDG 5.6.3.154.205 - SQL Injection

CVE-2025-2916 MEDIUM

Aishida Call Center System <20250314 - Command Injection

CVE-2025-2854 MEDIUM

Payroll Management System 1.0 - SQL Injection via emp_type Parameter

CVE-2025-2852 MEDIUM

Food Ordering Management System <= 1.0 - SQL Injection via /admin/menus/view_menu.php ID Parameter

CVE-2025-2847 MEDIUM

Codezips Gym Management System 1.0 - SQL Injection via mm Parameter in /dashboard/admin/over_month.php

CVE-2025-2846 HIGH

SourceCodester Online Eyewear Shop 1.0 - SQL Injection via Registration ID Parameter

CVE-2025-29993 MEDIUM

PowerCMS 4.x < 4.58, 5.x < 5.27, 6.x < 6.6 - HTTP Header Injection

CVE-2025-2831 MEDIUM

mingyuefusu tushuguanlixitong up to d4836f6 SQL Injection via Book List Parameter

CVE-2025-2740 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via pagetitle Parameter

CVE-2025-2739 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via sertitle Parameter

CVE-2025-2738 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via namesc Parameter

CVE-2025-2737 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via Contactus Pagetitle Parameter

CVE-2025-2736 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via fromdate Parameter

CVE-2025-2735 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via sertitle Parameter

CVE-2025-2734 HIGH

PHPGurukul Old Age Home Management System 1.0 - SQL Injection via /admin/aboutus.php pagetitle Parameter

CVE-2025-2732 HIGH

H3C Magic NX15/NX30 Pro/NX400/R3010/BE18000 < V100R014 - OS Command Injection

CVE-2025-2731 HIGH

H3C Magic NX15, NX30 Pro, NX400, R3010, BE18000 < V100R014 - Command Injection via /api/wizard/getDualbandSync

CVE-2025-2730 HIGH

H3C Magic NX15/NX30 Pro/NX400/R3010/BE18000 < V100R014 - Command Injection via /api/wizard/getssidname

CVE-2025-2729 HIGH

H3C Magic NX15/NX30 Pro/NX400/R3010/BE18000 < V100R014 - OS Command Injection via /api/wizard/networkSetup

CVE-2025-2728 HIGH

H3C Magic NX30 Pro & Magic NX400 <V100R014 - Command Injection

CVE-2025-2727 HIGH

H3C Magic NX30 Pro <V100R007 - Command Injection

CVE-2025-2726 HIGH

H3C Magic NX15/NX30 Pro/NX400/R3010/BE18000 < V100R014 - OS Command Injection via /api/esps

CVE-2025-2725 HIGH

H3C Magic NX15/NX30 Pro/NX400/R3010/BE18000 < V100R014 - OS Command Injection

CVE-2025-2684 HIGH

PHPGurukul Bank Locker Management System 1.0 - SQL Injection

Previous Page 129 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy