CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74
CVE-2024-13007 MEDIUM
Codezips Event Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2024-13006 HIGH
1000 Projects Human Resource Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-13005 MEDIUM
1000 Projects Attendance Tracking Management System 1.0 - SQL Injection via attendance_id Parameter
CVSS 6.3
CVE-2024-13004 HIGH
PHPGurukul Complaint Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-13003 MEDIUM
1000 Projects Portfolio Management System MCA 1.0 - SQL Injection
CVSS 6.3
CVE-2024-13002 HIGH
1000 Projects Bookstore Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2024-13001 MEDIUM
PHPGurukul Small CRM 1.0 - SQL Injection
CVSS 6.3
CVE-2024-13000 MEDIUM
PHPGurukul Small CRM 1.0 - SQL Injection
CVSS 6.3
CVE-2024-12999 MEDIUM
PHPGurukul Small CRM 1.0 - SQL Injection via /admin/edit-user.php id Parameter
CVSS 6.3
CVE-2024-12981 MEDIUM
CodeAstro Car Rental System 1.0 - SQL Injection via bookingconfirm.php driver_id_from_dropdown Parameter
CVSS 6.3
CVE-2024-12978 HIGH
Job Recruitment 1.0 - SQL Injection via jid/limit Parameter in add_req Function
CVSS 7.3
CVE-2024-12977 MEDIUM
PHPGurukul Complaint Management System 1.0 - SQL Injection via /admin/state.php State Parameter
CVSS 6.3
CVE-2024-12976 HIGH
CodeZips Hospital Management System 1.0 - SQL Injection via tel Parameter in staff.php
CVSS 7.3
CVE-2024-12969 HIGH
Hospital Management System 1.0 - SQL Injection via Login Username/Password Parameter
CVSS 7.3
CVE-2024-12968 HIGH
code-projects Job Recruitment 1.0 - SQL Injection via edit_jobpost Function
CVSS 7.3
CVE-2024-12967 HIGH
code-projects Job Recruitment 1.0 - SQL Injection via fname/lname Argument in fln_update Function
CVSS 7.3
CVE-2024-12966 HIGH
code-projects Job Recruitment 1.0 - SQL Injection via cname/url Argument in cn_update Function
CVSS 7.3
CVE-2024-12965 HIGH
1000 Projects Portfolio Management System MCA 1.0 - SQL Injection via /update_ex_detail.php q Parameter
CVSS 7.3
CVE-2024-12964 HIGH
1000 Projects Daily College Class Work Report Book 1.0 - SQL Injection via /login.php User Parameter
CVSS 7.3
CVE-2024-12963 HIGH
code-projects Job Recruitment 1.0 - SQL Injection via job_company Parameter in add_xp Function
CVSS 7.3
CVE-2024-12962 HIGH
Job Recruitment 1.0 - SQL Injection via Skillset Parameter
CVSS 7.3
CVE-2024-12961 HIGH
1000projects Portfolio Management System MCA 1.0 - SQL Injection via /update_ach_details.php q Parameter
CVSS 7.3
CVE-2024-12960 HIGH
1000 Projects Portfolio Management System MCA 1.0 - SQL Injection via /update_edu_details.php q Parameter
CVSS 7.3
CVE-2024-12959 HIGH
1000 Projects Portfolio Management System MCA 1.0 - SQL Injection via /update_personal_details.php q Parameter
CVSS 7.3
CVE-2024-12958 HIGH
1000projects Portfolio Management System MCA 1.0 - SQL Injection via /update_pro_details.php q Parameter
CVSS 7.3
Details
Vulnerabilities 4,808
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits