Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,516 vulnerabilities with CWE-74

CVE-2026-7130 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

CVE-2026-7128 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

CVE-2026-7127 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

CVE-2026-7126 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

CVE-2026-7118 MEDIUM

code-projects Employee Management System cancel.php sql injection

CVE-2026-7117 MEDIUM

code-projects Employee Management System approve.php sql injection

CVE-2026-7115 MEDIUM

code-projects Employee Management System delete.php sql injection

CVE-2026-7114 MEDIUM

code-projects Employee Management System edit.php sql injection

CVE-2026-7102 MEDIUM

Tenda F456 httpd WriteFacMac FromWriteFacMac command injection

CVE-2026-7088 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

CVE-2026-7087 HIGH

SourceCodester Pharmacy Sales and Inventory System ajax.php sql injection

CVE-2026-7083 MEDIUM

likeadmin-likeshop likeadmin_php dataTable Admin API DataTableLists.php queryResult sql injection

CVE-2026-7077 HIGH

itsourcecode Courier Management System edit_parcel.php sql injection

CVE-2026-7076 HIGH

itsourcecode Courier Management System edit_branch.php sql injection

CVE-2026-7075 HIGH

itsourcecode Construction Management System locations.php sql injection

CVE-2026-7074 HIGH

itsourcecode Construction Management System execute1.php sql injection

CVE-2026-7073 HIGH

itsourcecode Construction Management System execute.php sql injection

CVE-2026-7072 HIGH

CodePanda Source canteen_management_system login.php sql injection

CVE-2026-7070 HIGH

code-projects Inventory Management System Login sql injection

CVE-2026-7067 HIGH

D-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injection

CVE-2026-7063 HIGH

code-projects Employee Management System Endpoint eprocess.php sql injection

CVE-2026-7060 HIGH

liyupi yu-picture MyBatis-Plus PictureServiceImpl.java PageRequest sql injection

CVE-2026-7058 HIGH

666ghj MiroFish Inter-Process Communication simulation_ipc.py SimulationIPCClient.send_command command injection

CVE-2026-7045 MEDIUM

baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection

CVE-2026-7039 HIGH

tufantunc ssh-mcp index.ts shell.write command injection

Previous Page 3 of 181 Next

Details

Vulnerabilities 4,516

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy