Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,795 vulnerabilities with CWE-74

CVE-2026-4470 MEDIUM

itsourcecode Online Frozen Foods Ordering System admin_edit_menu.php sql injection

CVE-2026-4469 MEDIUM

itsourcecode Online Frozen Foods Ordering System admin_edit_menu_action.php sql injection

CVE-2026-4468 MEDIUM

Comfast CF-AC100 mbox-config command injection

CVE-2026-4467 MEDIUM

Comfast CF-AC100 mbox-config command injection

CVE-2026-4466 MEDIUM

Comfast CF-AC100 mbox-config command injection

CVE-2026-30874 HIGH

OpenWrt procd PATH Environment Variable Filter Bypass via Incorrect String Comparison Leads to Privilege Escalation

CVE-2026-32622 HIGH

SQLBot: Remote Code Execution via Terminology Poisoning

CVE-2026-4319 HIGH

code-projects Simple Food Order System add-item.php sql injection

CVE-2026-4289 HIGH

Tiandy Easy7 Integrated Management Platform getRecByTemplateId sql injection

CVE-2026-4288 HIGH

Tiandy Easy7 Integrated Management Platform Endpoint getDevDetailedInfo sql injection

CVE-2026-4287 HIGH

Tiandy Easy7 Integrated Management Platform Endpoint queryResources sql injection

CVE-2026-4241 MEDIUM

itsourcecode College Management System time-table.php sql injection

CVE-2026-4238 MEDIUM

itsourcecode College Management System courses.php sql injection

CVE-2026-4237 HIGH

itsourcecode Free Hotel Reservation System index.php sql injection

CVE-2026-4236 HIGH

itsourcecode Online Enrollment System index.php sql injection

CVE-2026-4235 HIGH

itsourcecode Online Enrollment System login.php sql injection

CVE-2026-4234 MEDIUM

SSCMS DDL SitesAddController.Submit.cs sql injection

CVE-2026-4232 HIGH

Tiandy Integrated Management Platform getAuthorityByUserId sql injection

CVE-2026-4230 MEDIUM

vanna-ai vanna Endpoint __init__.py update_sql sql injection

CVE-2026-4229 HIGH

vanna-ai vanna bigquery_vector.py remove_training_data sql injection

CVE-2026-4228 MEDIUM

LB-LINK BL-WR9000 set_wifi sub_458754 command injection

CVE-2026-4223 HIGH

itsourcecode Payroll Management System manage_employee.php sql injection

CVE-2026-4210 MEDIUM

D-Link DNS-1550-04 time_machine.cgi cgi_tm_set_share command injection

CVE-2026-4209 MEDIUM

D-Link DNS-1550-04 account_mgr.cgi cgi_chg_admin_pw command injection

CVE-2026-4207 MEDIUM

D-Link DNS-1550-04 system_mgr.cgi cgi_ntp_time command injection

Previous Page 25 of 192 Next

Details

Vulnerabilities 4,795

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy