Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,795 vulnerabilities with CWE-74

CVE-2025-11613 MEDIUM

Simple Food Ordering System 1.0 - SQL Injection via cname Parameter in addcategory.php

CVE-2025-11612 MEDIUM

Simple Food Ordering System 1.0 - SQL Injection via Category Parameter in addproduct.php

CVE-2025-11611 MEDIUM

SourceCodester Simple Inventory System 1.0 - SQL Injection via uemail Parameter

CVE-2025-11610 MEDIUM

SourceCodester Simple Inventory System 1.0 - SQL Injection via /brand.php editBrandName Parameter

CVE-2025-11608 HIGH

code-projects E-Banking System 1.0 - SQL Injection via Username/Password Parameter

CVE-2025-11606 MEDIUM

iPynch Social Network Website <b6933b6d7f82c84819abe458ccf0e59d6111...

CVE-2025-11605 MEDIUM

Client Details System 1.0 - SQL Injection via uid Parameter in update-profile.php

CVE-2025-11604 HIGH

projectworlds Online Ordering Food System 1.0 - SQL Injection via Status Parameter in all-orders.php

CVE-2025-11603 MEDIUM

Simple Food Ordering System 1.0 - SQL Injection via Category Parameter in /editproduct.php

CVE-2025-11601 HIGH

Online Student Result System 1.0 - SQL Injection via Username Parameter in login.php

CVE-2025-11600 MEDIUM

Simple Food Ordering System 1.0 - SQL Injection via editcategory.php cname Parameter

CVE-2025-11599 HIGH

Campcodes Online Apartment Visitor Management System 1.0 - SQL Injection via Forgot Password Email Parameter

CVE-2025-11597 MEDIUM

E-Commerce Website 1.0 - SQL Injection via prod_id Parameter in product_add_qty.php

CVE-2025-11596 HIGH

E-Commerce Website 1.0 - SQL Injection via order_id Parameter in delete_order_details.php

CVE-2025-11595 MEDIUM

Campcodes Online Apartment Visitor Management System 1.0 - SQL Injection via Mobile Number Parameter

CVE-2025-11593 MEDIUM

CodeAstro Gym Management System 1.0 - SQL Injection via Delete Equipment ID Parameter

CVE-2025-11592 MEDIUM

CodeAstro Gym Management System 1.0 - SQL Injection via /admin/edit-equipmentform.php ID Parameter

CVE-2025-11591 MEDIUM

CodeAstro Gym Management System 1.0 - SQL Injection via Delete Member ID Parameter

CVE-2025-11590 MEDIUM

CodeAstro Gym Management System 1.0 - SQL Injection via /admin/equipment-entry.php ename Parameter

CVE-2025-11589 MEDIUM

CodeAstro Gym Management System 1.0 - SQL Injection via /admin/user-payment.php Plan Parameter

CVE-2025-11588 MEDIUM

CodeAstro Gym Management System 1.0 - SQL Injection via fullname Parameter

CVE-2025-11585 HIGH

Project Monitoring System 1.0 - SQL Injection via uid Parameter in useredit.php

CVE-2025-11584 HIGH

Online Job Search Engine 1.0 - SQL Injection via txtspecialization Parameter

CVE-2025-11583 HIGH

Online Job Search Engine 1.0 - SQL Injection via txtjobID Parameter

CVE-2025-11582 HIGH

Online Job Search Engine 1.0 - SQL Injection via txtusername Parameter

Previous Page 57 of 192 Next

Details

Vulnerabilities 4,795

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy