Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,795 vulnerabilities with CWE-74

CVE-2026-3955 MEDIUM

elecV2P <= 3.8.3 - Remote Code Execution via runJSFile Function

CVE-2026-29777 MEDIUM

Traefik <3.6.10 - Command Injection

CVE-2026-3944 HIGH

itsourcecode University Management System 1.0 - SQL Injection

CVE-2026-3943 HIGH

H3C ACG1000-AK230 <=20260227 - Command Injection

CVE-2026-31816 CRITICAL

Budibase < 3.31.4 - Unauthenticated API Access Bypass via Webhook Path Query String

CVE-2026-3818 HIGH

Tiandy Easy7 CMS 7.17.0 - SQL Injection

CVE-2026-3813 MEDIUM

opencc JFlow - Injection in WF_CCForm Calculate Function

CVE-2026-3806 MEDIUM

janobe Resort Reservation System 1.0 - SQL Injection

CVE-2026-3798 MEDIUM

Comfast CF-AC100 2.6.0.8 - Command Injection

CVE-2026-3793 MEDIUM

SourceCodester Sales and Inventory System 1.0 - SQL Injection

CVE-2026-3792 MEDIUM

SourceCodester Sales and Inventory System 1.0 - SQL Injection

CVE-2026-3791 MEDIUM

SourceCodester Sales and Inventory System 1.0 - SQL Injection

CVE-2026-3790 MEDIUM

SourceCodester Sales and Inventory System 1.0 - SQL Injection

CVE-2026-3786 MEDIUM

easycms < 1.6 - SQL Injection via _order Parameter in Request Parameter Handler

CVE-2026-3785 MEDIUM

easycms < 1.6 - SQL Injection via _order Parameter in RbacnodeAction.class.php

CVE-2026-3771 MEDIUM

janobe Resort Reservation System 1.0 - SQL Injection

CVE-2026-3767 MEDIUM

itsourcecode sanitize 1.0 - SQL Injection

CVE-2026-3765 HIGH

itsourcecode University Management System 1.0 - SQL Injection

CVE-2026-3760 HIGH

itsourcecode University Management System 1.0 - SQL Injection

CVE-2026-3759 HIGH

Online Art Gallery Shop 1.0 - SQL Injection

CVE-2026-3758 HIGH

Online Art Gallery Shop 1.0 - SQL Injection

CVE-2026-3757 HIGH

Online Art Gallery Shop 1.0 - SQL Injection

CVE-2026-3756 MEDIUM

SourceCodester Sales and Inventory System <1.0 - SQL Injection

CVE-2026-3755 MEDIUM

SourceCodester Sales and Inventory System 1.0 - SQL Injection

CVE-2026-3754 MEDIUM

SourceCodester Sales and Inventory System 1.0 - SQL Injection

Previous Page 27 of 192 Next

Details

Vulnerabilities 4,795

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy