Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,795 vulnerabilities with CWE-74

CVE-2026-0568 HIGH

Online Music Site 1.0 - SQL Injection via ViewSongs.php ID Parameter

CVE-2026-0567 HIGH

code-projects Content Management System 1.0 - SQL Injection via ID Parameter in pages.php

CVE-2026-0565 HIGH

code-projects Content Management System 1.0 - SQL Injection via del Parameter in admin/delete.php

CVE-2026-0546 HIGH

code-projects Content Management System 1.0 - SQL Injection via search.php Value Parameter

CVE-2026-0544 HIGH

itsourcecode School Management System 1.0 - SQL Injection via ID Parameter in /student/index.php

CVE-2025-27511 HIGH

GeoServer DB2 DataStore Extension has a JNDI Vulnerability via Store Connection

CVE-2025-8154 MEDIUM

HTTP Header Injection via Webhook API in Multiple WSO2 Products Allows Response Header Manipulation

CVE-2025-67486 HIGH

Dolibarr <=22.0.2 User Extrafields - Authenticated Code Execution

CVE-2025-13462 LOW

CPython Tarfile Archive Misinterpretation via AREGTYPE Block Normalization

CVE-2025-67733 HIGH

Valkey <9.0.2/8.1.6/8.0.7/7.2.12 - Info Disclosure

CVE-2025-41083 MEDIUM

Altitude <8.5.3290.0 - Open Redirect

CVE-2025-15496 MEDIUM

yshopmall < 1.9.1 - SQL Injection via /api/jobs sort Parameter

CVE-2025-15494 MEDIUM

DocSys < 2.02.37 - SQL Injection via Username Parameter

CVE-2025-15493 MEDIUM

docsys < 2.02.36 - SQL Injection via searchWord Parameter

CVE-2025-15492 MEDIUM

docsys < 2.02.36 - SQL Injection via searchWord Argument

CVE-2025-15450 MEDIUM

sfturing hosp_order - SQL Injection

CVE-2025-15443 MEDIUM

crmeb < 5.6.1 - SQL Injection via cate_id Parameter in Product Export

CVE-2025-15442 MEDIUM

crmeb < 5.6.1 - SQL Injection via cate_id Parameter in Product List Export

CVE-2025-15439 MEDIUM

Daptin 0.10.3 - SQL Injection via Aggregate API goqu.L Function

CVE-2025-15436 HIGH

Yonyou KSOA 9.0 - SQL Injection via Report Parameter in worksheet/work_edit.jsp

CVE-2025-15435 HIGH

Yonyou KSOA 9.0 - SQL Injection via /worksheet/work_update.jsp Report Parameter

CVE-2025-15434 HIGH

Yonyou KSOA 9.0 - SQL Injection via /kp/PrintZPYG.jsp zpjhid Parameter

CVE-2025-15425 HIGH

Yonyou KSOA 9.0 - SQL Injection via /worksheet/del_user.jsp ID Parameter

CVE-2025-15424 HIGH

Yonyou KSOA 9.0 - SQL Injection via worksheet/agent_worksdel.jsp ID Parameter

CVE-2025-15421 HIGH

Yonyou KSOA 9.0 - SQL Injection via worksheetagent_worksadd.jsp ID Parameter

Previous Page 39 of 192 Next

Details

Vulnerabilities 4,795

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy