CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,797 vulnerabilities with CWE-74
CVE-2025-10813 HIGH
Hostel Management System 1.0 - SQL Injection via Home Parameter
CVSS 7.3
CVE-2025-10812 HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in Admin Amenities View
CVSS 7.3
CVE-2025-10811 HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in mod_comments
CVSS 7.3
CVE-2025-10810 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection via Firstname Parameter in Edit User
CVSS 7.3
CVE-2025-10809 HIGH
Campcodes Online Learning Management System 1.0 - SQL Injection via /admin/department.php d Parameter
CVSS 7.3
CVE-2025-10808 HIGH
Campcodes Farm Management System 1.0 - SQL Injection via /uploadProduct.php Type Parameter
CVSS 7.3
CVE-2025-10807 MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via editid Parameter
CVSS 6.3
CVE-2025-10806 MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via fromdate/todate Parameter
CVSS 6.3
CVE-2025-10805 MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via add-services.php sername Parameter
CVSS 6.3
CVE-2025-10804 MEDIUM
Campcodes Online Beauty Parlor Management System 1.0 - SQL Injection via mobilenum Parameter in add-customer.php
CVSS 6.3
CVE-2025-10802 HIGH
Online Bidding System 1.0 - SQL Injection via ID Parameter in remove.php
CVSS 7.3
CVE-2025-10801 HIGH
Pet Grooming Management Software 1.0 - SQL Injection via /admin/edit_tax.php ID Parameter
CVSS 7.3
CVE-2025-10800 HIGH
itsourcecode Online Discussion Forum 1.0 - SQL Injection via Email/Password Parameter
CVSS 7.3
CVE-2025-10799 HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in Reservation View
CVSS 7.3
CVE-2025-10798 HIGH
Hostel Management System 1.0 - SQL Injection via ID Parameter in mod_roomtype
CVSS 7.3
CVE-2025-10797 HIGH
Hostel Management System 1.0 - SQL Injection via log_email Parameter
CVSS 7.3
CVE-2025-10796 HIGH
Hostel Management System 1.0 - SQL Injection via Email Parameter in Admin Login
CVSS 7.3
CVE-2025-10795 HIGH
Online Bidding System 1.0 - SQL Injection via bidupdate.php ID Parameter
CVSS 7.3
CVE-2025-10793 HIGH
E-Commerce Website 1.0 - SQL Injection via user_id Parameter in admin_account_delete.php
CVSS 7.3
CVE-2025-10791 HIGH
Online Bidding System 1.0 - SQL Injection via aduser Parameter
CVSS 7.3
CVE-2025-10790 MEDIUM
SourceCodester Simple Forum Discussion System 1.0 - SQL Injection via Description Parameter in save_category Action
CVSS 6.3
CVE-2025-10789 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via deleteslide.php ID Parameter
CVSS 7.3
CVE-2025-10788 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via deleteroominventory.php ID Parameter
CVSS 7.3
CVE-2025-10786 HIGH
Campcodes Grocery Sales and Inventory System 1.0 - SQL Injection via /ajax.php ID Parameter
CVSS 7.3
CVE-2025-10785 HIGH
Campcodes Grocery Sales and Inventory System 1.0 - SQL Injection via /manage_user.php ID Parameter
CVSS 7.3
Details
Vulnerabilities 4,797
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits