CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,805 vulnerabilities with CWE-74
CVE-2025-8158 MEDIUM
PHPGurukul Login and User Management System 3.3 - SQL Injection via ID Parameter in /admin/yesterday-reg-users.php
CVSS 6.3
CVE-2025-8157 MEDIUM
PHPGurukul User Registration & Login and User Management 3.3 - SQL Injection via ID Parameter
CVSS 6.3
CVE-2025-8156 MEDIUM
PHPGurukul User Registration & Login and User Management 3.3 - SQL Injection via ID Parameter
CVSS 6.3
CVE-2025-8135 MEDIUM
itsourcecode Insurance Management System 1.0 - SQL Injection via agent_id Parameter
CVSS 6.3
CVE-2025-8134 MEDIUM
PHPGurukul BP Monitoring Management System 1.0 - SQL Injection via fromdate/todate Parameters
CVSS 6.3
CVE-2025-8127 MEDIUM
deer-wms-2 < 3.3 - SQL Injection via params[dataScope]
CVSS 6.3
CVE-2025-8126 MEDIUM
deer-wms-2 < 3.3 - SQL Injection via params[dataScope]
CVSS 6.3
CVE-2025-8125 MEDIUM
deer-wms-2 < 3.3 - SQL Injection via params[dataScope]
CVSS 6.3
CVE-2025-8124 MEDIUM
deer-wms-2 < 3.3 - SQL Injection via params[dataScope]
CVSS 6.3
CVE-2025-8123 MEDIUM
deer-wms-2 < 3.3 - SQL Injection via /system/dept/edit Ancestors Parameter
CVSS 6.3
CVE-2025-8018 MEDIUM
Food Ordering Review System 1.0 - SQL Injection via reg_Id Parameter
CVSS 6.3
CVE-2025-7952 MEDIUM
TOTOLINK T6 4.1.5cu.748 - Command Injection
CVSS 6.3
CVE-2025-7950 HIGH
code-projects Public Chat Room 1.0 - SQL Injection
CVSS 7.3
CVE-2025-7936 MEDIUM
fuyang_lipengjun platform - SQL Injection via ScheduleJobLogController queryPage
CVSS 6.3
CVE-2025-7935 MEDIUM
fuyang_lipengjun platform < 2025-06-29 - SQL Injection via SysLogController Key Argument
CVSS 6.3
CVE-2025-7934 MEDIUM
fuyang_lipengjun platform - SQL Injection via ScheduleJobController beanName Parameter
CVSS 6.3
CVE-2025-7933 HIGH
Campcodes Sales & Inventory System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-7932 MEDIUM
D-Link DIR-817L <1.04B01 - Command Injection
CVSS 6.3
CVE-2025-7930 HIGH
Church Donation System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-7929 HIGH
Church Donation System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-7928 HIGH
Church Donation System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-7927 MEDIUM
PHPGurukul Online Banquet Booking System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-7915 HIGH
Chanjet CRM 1.0 - SQL Injection via /mail/mailinactive.php
CVSS 7.3
CVE-2025-7905 MEDIUM
itsourcecode Insurance Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-7904 MEDIUM
itsourcecode Insurance Management System 1.0 - SQL Injection
CVSS 6.3
Details
Vulnerabilities 4,805
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits