Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,804 vulnerabilities with CWE-74

CVE-2025-9418 HIGH

itsourcecode Apartment Management System 1.0 - SQL Injection

CVE-2025-9417 MEDIUM

itsourcecode Apartment Management System 1.0 - SQL Injection

CVE-2025-9413 MEDIUM

lostvip ruoyi-go < 2.1 - SQL Injection via SelectListByPage orderByColumn/isAsc Parameters

CVE-2025-9412 MEDIUM

lostvip-com ruoyi-go <2.1 - SQL Injection

CVE-2025-9411 MEDIUM

lostvip ruoyi-go < 2.1 - SQL Injection via isAsc Argument in SelectPageList

CVE-2025-9410 MEDIUM

ruoyi-go < 2.1 - SQL Injection via SelectListByPage Function

CVE-2025-9399 MEDIUM

YiFang CMS <= 2.0.5 - SQL Injection via new_url Parameter in L_tool.php

CVE-2025-9391 MEDIUM

Bjskzy Zhiyou ERP <11.0 - SQL Injection

CVE-2025-9311 HIGH

itsourcecode Apartment Management System 1.0 - SQL Injection

CVE-2025-9307 HIGH

PHPGurukul Online Course Registration <3.1 - SQL Injection

CVE-2025-9305 HIGH

SourceCodester Online Bank Management System 1.0 - SQL Injection

CVE-2025-9304 HIGH

SourceCodester Online Bank Management System 1.0 - SQL Injection

CVE-2025-9302 HIGH

PHPGurukul User Management System 1.0 - SQL Injection

CVE-2025-9241 MEDIUM

elunez eladmin <2.7 - CSV Injection

CVE-2025-9238 HIGH

Swatadru Exam-Seating-Arrangement - SQL Injection in /student.php

CVE-2025-9236 MEDIUM

Portabilis i-Educar <2.10 - SQL Injection

CVE-2025-9156 HIGH

itsourcecode Sports Management System 1.0 - SQL Injection

CVE-2025-9155 HIGH

Online Tour and Travel Management System 1.0 - SQL Injection via Email Parameter in Forget Password

CVE-2025-9154 HIGH

Online Tour and Travel Management System 1.0 - SQL Injection via Email Parameter

CVE-2025-9150 HIGH

Surbowl dormitory-management-php <9f1d9d1f528cabffc66fda3652c56ff32...

CVE-2025-9149 MEDIUM

Wavlink WL-NU516U1 M16U1_V240425 - Command Injection

CVE-2025-9148 MEDIUM

CodePhiliaX Chat2DB <0.3.7 - SQL Injection

CVE-2025-9140 MEDIUM

Lingdang CRM < 8.6.5.4 - SQL Injection via getvaluestring Parameter

CVE-2025-9090 MEDIUM

Tenda AC20 16.03.08.12 - Command Injection

CVE-2025-9053 HIGH

projectworlds Travel Management System 1.0 - SQL Injection via /updatesubcategory.php t1/s1 Parameter

Previous Page 77 of 193 Next

Details

Vulnerabilities 4,804

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy