Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,808 vulnerabilities with CWE-74

CVE-2024-11744 HIGH

1000 Projects Portfolio Management System MCA 1.0 - SQL Injection

CVE-2024-11663 HIGH

Codezips E-Commerce Site 1.0 - SQL Injection

CVE-2024-11659 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT - OS Command Injection via iperf Argument

CVE-2024-11658 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT <= 20241118 - OS Command Injection via countryCode Parameter

CVE-2024-11657 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT - OS Command Injection via diag_nslookup Parameter

CVE-2024-11656 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT - OS Command Injection via diag_ping6 Argument

CVE-2024-11655 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT up to 20241118 - OS Command Injection via diag_ping Parameter

CVE-2024-11654 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT - OS Command Injection via diag_traceroute6 Argument

CVE-2024-11653 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT - OS Command Injection via diag_traceroute Parameter

CVE-2024-11652 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, ENS620EXT - OS Command Injection via sn_https Parameter

CVE-2024-11651 MEDIUM

EnGenius ENH1350EXT, ENS500-AC, and ENS620EXT - OS Command Injection via wifi_schedule_day_em_5 Parameter

CVE-2024-11649 HIGH

1000 Projects Beauty Parlour Management System 1.0 - SQL Injection

CVE-2024-11648 HIGH

1000 Projects Beauty Parlour Management System 1.0 - SQL Injection

CVE-2024-11647 HIGH

1000 Projects Beauty Parlour Management System 1.0 - SQL Injection

CVE-2024-11646 HIGH

1000 Projects Beauty Parlour Management System 1.0 - SQL Injection

CVE-2024-11234 MEDIUM

PHP 8.1.0-8.1.30 - HTTP Request Smuggling via Proxy Stream URI Sanitization Bypass

CVE-2024-11632 HIGH

Simple Car Rental System 1.0 - SQL Injection

CVE-2024-11631 MEDIUM

itsourcecode Tailoring Management System 1.0 - SQL Injection

CVE-2024-11592 HIGH

1000 Projects Beauty Parlour Management System 1.0 - SQL Injection

CVE-2024-11591 HIGH

1000 Projects Beauty Parlour Management System 1.0 - SQL Injection

CVE-2024-11590 HIGH

1000 Projects Bookstore Management System 1.0 - SQL Injection

CVE-2024-11589 MEDIUM

itsourcecode Tailoring Management System 1.0 - SQL Injection

CVE-2024-11487 MEDIUM

Code4Berry Decoration Management System 1.0 - SQL Injection

CVE-2024-11305 MEDIUM

Altenergy Power Control Software <20241108 - SQL Injection

CVE-2024-11258 HIGH

1000projects Beauty Parlour Management System 1.0 - SQL Injection via Username Parameter

Previous Page 148 of 193 Next

Details

Vulnerabilities 4,808

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy