Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2024-12952 MEDIUM

melMass comfy_mtb <0.1.4 - Code Injection

CVE-2024-12950 MEDIUM

code-projects Travel Management System 1.0 - SQL Injection via subcat.php catid Parameter

CVE-2024-12949 MEDIUM

code-projects Travel Management System 1.0 - SQL Injection via subcatid Parameter in package.php

CVE-2024-12948 MEDIUM

code-projects Travel Management System 1.0 - SQL Injection via /detail.php pid Parameter

CVE-2024-12947 MEDIUM

Codezips Hospital Management System 1.0 - SQL Injection via invo.php dname Parameter

CVE-2024-12946 HIGH

1000 Projects Attendance Tracking Management System 1.0 - SQL Injection via admin_user_name Parameter

CVE-2024-12945 HIGH

code-projects Simple Car Rental System 1.0 - SQL Injection via Email/Pass Parameter

CVE-2024-12944 HIGH

CodeAstro House Rental Management System 1.0 - SQL Injection via /signin.php u/p Parameters

CVE-2024-12943 HIGH

CodeAstro House Rental Management System 1.0 - SQL Injection via /ownersignup.php Parameter Manipulation

CVE-2024-12942 HIGH

1000 Projects Portfolio Management System MCA 1.0 - SQL Injection via Admin Login

CVE-2024-12941 MEDIUM

CodeAstro Blood Donor Management System 1.0 - SQL Injection via /pages/deletedannounce.php id Parameter

CVE-2024-12940 HIGH

1000 Projects Attendance Tracking Management System 1.0 - SQL Injection via student_id Parameter

CVE-2024-12939 MEDIUM

Job Recruitment 1.0 - SQL Injection via Degree Parameter in add_edu Function

CVE-2024-12938 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via updateOrderStatus.php Record Parameter

CVE-2024-12937 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via qty Parameter in addVariationController.php

CVE-2024-12936 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via catDeleteController.php Record Argument

CVE-2024-12935 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via editItemForm.php Record Argument

CVE-2024-12934 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via updateItemController.php p_desk Parameter

CVE-2024-12931 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via /addCatController.php size Parameter

CVE-2024-12929 MEDIUM

code-projects Student Management System 1.0.00 - SQL Injection via addCatController.php Size Parameter

CVE-2024-12928 MEDIUM

code-projects Simple Admin Panel 1.0 - SQL Injection via c_name Argument

CVE-2024-12927 HIGH

1000 Projects Attendance Tracking Management System 1.0 - SQL Injection via faculty_emailid Parameter

CVE-2024-12926 MEDIUM

Codezips Project Management System 1.0 - SQL Injection via Advanced Form Name Parameter

CVE-2024-12900 MEDIUM

FoxCMS < 1.2 - Remote Code Injection via Database Password Parameter

CVE-2024-12899 HIGH

1000 Projects Attendance Tracking Management System 1.0 - SQL Injection via course_code Parameter

Previous Page 145 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy