CWE-74
High likelihoodImproper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
4,792 vulnerabilities with CWE-74
CVE-2026-10253
HIGH
itsourcecode Online House Rental System manage_payment.php sql injection
CVSS 7.3
CVE-2026-10252
HIGH
itsourcecode Online House Rental System manage_tenant.php sql injection
CVSS 7.3
CVE-2026-10251
HIGH
itsourcecode Online House Rental System ajax.php login sql injection
CVSS 7.3
CVE-2026-10250
HIGH
itsourcecode Online Blood Bank Management System campsdetails.php sql injection
CVSS 7.3
CVE-2026-10249
HIGH
itsourcecode Online Blood Bank Management System viewrequest.php sql injection
CVSS 7.3
CVE-2026-10248
MEDIUM
SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection
CVSS 4.7
CVE-2026-10242
MEDIUM
itsourcecode Content Management System instructions.php sql injection
CVSS 6.3
CVE-2026-10237
MEDIUM
SourceCodester Water Billing Management System User Management manage_user sql injection
CVSS 4.7
CVE-2026-10235
MEDIUM
CodeAstro Ingredients Stock Management System stock_manager.php sql injection
CVSS 6.3
CVE-2026-10227
HIGH
raisulislamg4 student_management_system_by_php User Creation add_user_check.php sql injection
CVSS 7.3
CVE-2026-10226
HIGH
raisulislamg4 student_management_system_by_php delete.php sql injection
CVSS 7.3
CVE-2026-10225
HIGH
raisulislamg4 student_management_system_by_php Login login_check.php sql injection
CVSS 7.3
CVE-2026-10223
MEDIUM
NousResearch hermes-agent memory_tool.py _scan_memory_content injection
CVSS 6.3
CVE-2026-10222
MEDIUM
NousResearch hermes-agent config.py _sanitize_env_lines injection
CVSS 5.6
CVE-2026-10221
HIGH
NousResearch hermes-agent run_agent.py _compress_context injection
CVSS 7.3
CVE-2026-10220
HIGH
NousResearch hermes-agent skills_tool.py skill_view injection
CVSS 7.3
CVE-2026-10210
MEDIUM
AstrBotDevs AstrBot skill_manager.py _sanitize_prompt_description injection
CVSS 6.3
CVE-2026-10209
MEDIUM
code-projects Online Hospital Management System Appointment appointmentdetail.php sql injection
CVSS 6.3
CVE-2026-10208
HIGH
code-projects Online Hospital Management System login_1.php login_user sql injection
CVSS 7.3
CVE-2026-10204
MEDIUM
OFCMS JSON Query SysUserController.java query sql injection
CVSS 6.3
CVE-2026-10203
MEDIUM
OFCMS JSON Query SystemParamController.java query sql injection
CVSS 6.3
CVE-2026-10202
MEDIUM
OFCMS JSON Query SystemDictController.java query sql injection
CVSS 6.3
CVE-2026-10193
MEDIUM
OFCMS ComnController ComnController.java query sql injection
CVSS 6.3
CVE-2026-10186
HIGH
code-projects Online Hospital Management System patient.php sql injection
CVSS 7.3
CVE-2026-10185
HIGH
SourceCodester Hospitals Patient Records Management System Users.php save sql injection
CVSS 7.3
Details
Vulnerabilities
4,792
Exploit Likelihood
High