Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-74

CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,805 vulnerabilities with CWE-74

CVE-2025-8236 HIGH

Online Ordering System 1.0 - SQL Injection via Name Parameter in Edit Product

CVE-2025-8235 HIGH

Online Ordering System 1.0 - SQL Injection via Name Parameter in Product Admin Page

CVE-2025-8234 HIGH

Online Ordering System 1.0 - SQL Injection via /admin/delete_member.php ID Parameter

CVE-2025-8233 HIGH

Online Ordering System 1.0 - SQL Injection via /admin/user.php un Parameter

CVE-2025-8232 HIGH

Online Ordering System 1.0 - SQL Injection via /admin/delete_user.php ID Parameter

CVE-2025-8230 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via ID Parameter in manage_user.php

CVE-2025-8229 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via Parcel List Search Parameter

CVE-2025-8220 HIGH

Engeman Web < 12.0.0.1 - SQL Injection via LanguageCombobox Cookie Parameter

CVE-2025-8219 MEDIUM

Lingdang CRM < 8.6.5.2 - SQL Injection via getvaluestring Parameter

CVE-2025-8203 MEDIUM

Jingmen Zeyou Large File Upload Control < 6.3 - SQL Injection via ID Parameter in /index.jsp

CVE-2025-8190 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via /print_pdets.php ids Parameter

CVE-2025-8189 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via /edit_user.php ID Parameter

CVE-2025-8188 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via /edit_staff.php ID Parameter

CVE-2025-8187 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via /edit_parcel.php ID Parameter

CVE-2025-8186 MEDIUM

Campcodes Courier Management System 1.0 - SQL Injection via /edit_branch.php ID Parameter

CVE-2025-8185 HIGH

1000 Projects ABC Courier Management System 1.0 - SQL Injection via /getbyid.php ID Parameter

CVE-2025-8179 HIGH

PHPGurukul Local Services Search Engine Management System 2.1 - SQL Injection via editid Parameter

CVE-2025-8173 HIGH

1000 Projects ABC Courier Management System 1.0 - SQL Injection via reciver_name Parameter

CVE-2025-8172 MEDIUM

itsourcecode Employee Management System 1.0 - SQL Injection via Username Parameter

CVE-2025-8166 HIGH

Church Donation System 1.0 - SQL Injection via Username Parameter in Admin Login

CVE-2025-8165 MEDIUM

Food Review System 1.0 - SQL Injection via /admin/approve_reservation.php Occasion Parameter

CVE-2025-8164 MEDIUM

Public Chat Room 1.0 - SQL Injection via send_message.php ID Parameter

CVE-2025-8163 MEDIUM

deer-wms-2 < 3.3 - SQL Injection via params[dataScope]

CVE-2025-8162 MEDIUM

deer-wms-2 < 3.3 - SQL Injection via params[dataScope]

CVE-2025-8161 MEDIUM

deer-wms-2 < 3.3 - SQL Injection via /system/role/export params[dataScope]

Previous Page 84 of 193 Next

Details

Vulnerabilities 4,805

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy