Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,797 vulnerabilities with CWE-74

CVE-2025-11061 HIGH

Campcodes Online Learning Management System 1.0 - SQL Injection

CVE-2025-11057 HIGH

SourceCodester Pet Grooming Management Software 1.0 - SQL Injection

CVE-2025-11056 MEDIUM

ProjectsAndPrograms School Management System 1.0 - SQL Injection

CVE-2025-11055 HIGH

SourceCodester Online Hotel Reservation System 1.0 - SQL Injection

CVE-2025-11054 MEDIUM

itsourcecode Open Source Job Portal 1.0 - SQL Injection

CVE-2025-11053 HIGH

PHPGurukul Small CRM 4.0 - SQL Injection

CVE-2025-11052 HIGH

kidaze CourseSelectionSystem 1.0/5 - SQL Injection

CVE-2025-11045 HIGH

WAYOS LQ_04, LQ_05, LQ_06, LQ_07, LQ_09 22.03.17 - OS Command Injection via Name Parameter

CVE-2025-11041 MEDIUM

itsourcecode Open Source Job Portal 1.0 - SQL Injection

CVE-2025-11040 HIGH

Hostel Management System 1.0 - SQL Injection

CVE-2025-11039 HIGH

Campcodes Computer Sales & Inventory System 1.0 - SQL Injection

CVE-2025-11038 MEDIUM

isourcecode Online Clinic Management System 1.0 - SQL Injection

CVE-2025-11037 HIGH

Code-projects E-Commerce Website 1.0 - SQL Injection

CVE-2025-11036 HIGH

code-projects E-Commerce Website 1.0 - SQL Injection

CVE-2025-11033 HIGH

kidaze CourseSelectionSystem < 2017-06-18 - SQL Injection via COUNT3s7.php cbe Argument

CVE-2025-11032 HIGH

kidaze CourseSelectionSystem < 2017-06-18 - SQL Injection via CPU Argument in COUNT3s6.php

CVE-2025-10993 MEDIUM

muyucms < 2.7 - Remote Code Execution in Template Management

CVE-2025-10973 HIGH

JackieDYH Resume-management-system <fb6b857d852dd796e748ce30c606fe5...

CVE-2025-10967 HIGH

MuFen-mker PHP-Usermm <37f2d24e51b04346dfc565b93fc2fc6b37bdaea9 - S...

CVE-2025-10964 MEDIUM

Wavlink NU516U1 Firmware - OS Command Injection via remoteManagementEnabled Parameter

CVE-2025-10963 MEDIUM

Wavlink NU516U1 M16U1_V240425 - OS Command Injection via del_flag Parameter

CVE-2025-10962 MEDIUM

Wavlink NU516U1 M16U1_V240425 - OS Command Injection via SetName Page mac_5g Parameter

CVE-2025-10961 MEDIUM

Wavlink NU516U1 M16U1_V240425 - OS Command Injection via Delete_Mac_list Page

CVE-2025-10960 MEDIUM

Wavlink NU516U1 M16U1_V240425 - OS Command Injection via DeleteMac Page delete_list Parameter

CVE-2025-10959 MEDIUM

Wavlink NU516U1 M16U1_V240425 - OS Command Injection via dmz_flag Argument

Previous Page 63 of 192 Next

Details

Vulnerabilities 4,797

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy