Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,805 vulnerabilities with CWE-74

CVE-2025-8437 HIGH

Kitchen Treasure 1.0 - SQL Injection via Email Parameter in User Registration

CVE-2025-8436 HIGH

projectworlds Online Admission System 1.0 - SQL Injection via /viewdoc.php ID Parameter

CVE-2025-8431 HIGH

PHPGurukul Boat Booking System 1.0 - SQL Injection via boatname Parameter

CVE-2025-8409 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via /filter.php from Parameter

CVE-2025-8408 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via filter1.php Vehicle Parameter

CVE-2025-8407 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via filter2.php from Parameter

CVE-2025-8382 MEDIUM

Campcodes Online Hotel Reservation System 1.0 - SQL Injection via /admin/edit_room.php room_id Parameter

CVE-2025-8381 MEDIUM

Campcodes Online Hotel Reservation System 1.0 - SQL Injection via room_id Parameter

CVE-2025-8378 HIGH

Campcodes Online Hotel Reservation System 1.0 - SQL Injection via Login Component

CVE-2025-8376 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via /updatebal.php company Parameter

CVE-2025-8375 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via /addvehicle.php Vehicle Parameter

CVE-2025-8374 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via company Parameter in addcompany.php

CVE-2025-8373 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via /print.php sno Parameter

CVE-2025-8372 HIGH

code-projects Exam Form Submission 1.0 - SQL Injection via /admin/update_s7.php credits Parameter

CVE-2025-8371 HIGH

code-projects Exam Form Submission 1.0 - SQL Injection via /admin/update_s5.php credits Parameter

CVE-2025-8347 MEDIUM

Kehua Charging Pile Cloud Platform 1.0 - SQL Injection via /sys/task/findAllTask

CVE-2025-8345 MEDIUM

Lingdang CRM < 8.6.5.2 - SQL Injection via yunzhijiaApi.php delete_user Function

CVE-2025-8339 HIGH

Intern Membership Management System 1.0 - SQL Injection via User Name or Password Parameter

CVE-2025-8338 HIGH

projectworlds Online Admission System 1.0 - SQL Injection via /adminac.php ID Parameter

CVE-2025-8336 HIGH

Campcodes Online Recruitment Management System 1.0 - SQL Injection via ID Parameter in /admin/ajax.php

CVE-2025-8334 HIGH

Campcodes Online Recruitment Management System 1.0 - SQL Injection via ID Parameter in /admin/ajax.php

CVE-2025-8333 HIGH

Online Farm System 1.0 - SQL Injection via /categoryvalue.php Value Parameter

CVE-2025-8332 HIGH

Online Farm System 1.0 - SQL Injection via Username Parameter in Register Endpoint

CVE-2025-8331 HIGH

Online Farm System 1.0 - SQL Injection via Forgot Password Email Parameter

CVE-2025-8330 HIGH

code-projects Vehicle Management 1.0 - SQL Injection via /edit1.php sno Parameter

Previous Page 82 of 193 Next

Details

Vulnerabilities 4,805

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy