CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74
CVE-2025-2126 MEDIUM
JoomlaUX JUX Real Estate 3.4.0 - SQL Injection
CVSS 6.3
CVE-2025-2118 HIGH
Quantico Tecnologia PRMV 6.48 - SQL Injection
CVSS 7.3
CVE-2025-2117 MEDIUM
Beijing Founder Electronics Founder Enjoys All-Media Acquisition an...
CVSS 6.3
CVE-2025-2113 HIGH
AT Software Solutions ATSVD <3.4.1 - SQL Injection
CVSS 7.3
CVE-2025-2112 MEDIUM
user-xiangpeng yaoqishan < 2020-02-29 - SQL Injection via getMediaLisByFilter typeId Parameter
CVSS 6.3
CVE-2025-2088 HIGH
PHPGurukul Pre-School Enrollment System <= 1.0 - SQL Injection via Profile Parameter Manipulation
CVSS 7.3
CVE-2025-2067 HIGH
projectworlds Life Insurance Management System 1.0 - SQL Injection via search.php key Parameter
CVSS 7.3
CVE-2025-2066 HIGH
projectworlds Life Insurance Management System 1.0 - SQL Injection via agent_id Parameter
CVSS 7.3
CVE-2025-2065 HIGH
projectworlds Life Insurance Management System 1.0 - SQL Injection via /editAgent.php agent_id Parameter
CVSS 7.3
CVE-2025-2064 HIGH
projectworlds Life Insurance Management System 1.0 - SQL Injection via recipt_no Parameter
CVSS 7.3
CVE-2025-2063 HIGH
projectworlds Life Insurance Management System 1.0 - SQL Injection via /deleteNominee.php nominee_id Parameter
CVSS 7.3
CVE-2025-2062 HIGH
projectworlds Life Insurance Management System 1.0 - SQL Injection via client_id Parameter in clientStatus.php
CVSS 7.3
CVE-2025-2060 HIGH
PHPGurukul Emergency Ambulance Hiring Portal 1.0 - SQL Injection via Admin Profile Contact Number Parameter
CVSS 7.3
CVE-2025-2059 HIGH
PHPGurukul Emergency Ambulance Hiring Portal 1.0 - SQL Injection via ambulanceregnum Parameter
CVSS 7.3
CVE-2025-2058 HIGH
PHPGurukul Emergency Ambulance Hiring Portal 1.0 - SQL Injection via searchdata Parameter
CVSS 7.3
CVE-2025-2057 HIGH
PHPGurukul Emergency Ambulance Hiring Portal 1.0 - SQL Injection via pagedes Parameter
CVSS 7.3
CVE-2025-2054 MEDIUM
code-projects Blood Bank Management System 1.0 - SQL Injection via state_id Parameter in edit_state.php
CVSS 4.7
CVE-2025-2053 MEDIUM
PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via editid Parameter
CVSS 6.3
CVE-2025-2052 MEDIUM
PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via Forgot Password Contact Number Parameter
CVSS 6.3
CVE-2025-2051 MEDIUM
PHPGurukul Apartment Visitors Management System 1.0 - SQL Injection via searchdata Parameter
CVSS 6.3
CVE-2025-2050 HIGH
PHPGurukul User Registration & Login and User Management System 3.3 - SQL Injection via Email Parameter in Login
CVSS 7.3
CVE-2025-2046 MEDIUM
Best Employee Management System 1.0 - SQL Injection via /admin/print1.php id Parameter
CVSS 6.3
CVE-2025-2044 MEDIUM
Blood Bank Management System 1.0 - SQL Injection via blood_id Parameter
CVSS 4.7
CVE-2025-2041 MEDIUM
s-a-zhd Ecommerce-Website-using-PHP 1.0 - SQL Injection via p_cat Parameter
CVSS 6.3
CVE-2025-2039 MEDIUM
code-projects Blood Bank Management System 1.0 - SQL Injection via member_id Parameter
CVSS 4.7
Details
Vulnerabilities 4,808
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits