CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,807 vulnerabilities with CWE-74
CVE-2025-6860 MEDIUM
SourceCodester Best Salon Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-6859 MEDIUM
SourceCodester Best Salon Management System 1.0 - SQL Injection
CVSS 6.3
CVE-2025-6850 MEDIUM
Simple Forum 1.0 - SQL Injection via File Parameter in forum1.php
CVSS 6.3
CVE-2025-6847 MEDIUM
Simple Forum 1.0 - SQL Injection via forum_edit.php iii Parameter
CVSS 6.3
CVE-2025-6846 HIGH
Simple Forum 1.0 - SQL Injection via Name Parameter in forum_viewfile.php
CVSS 7.3
CVE-2025-6845 HIGH
code-projects Simple Forum 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6844 HIGH
Simple Forum 1.0 - SQL Injection via User Parameter in signin.php
CVSS 7.3
CVE-2025-6842 MEDIUM
code-projects Product Inventory System 1.0 - SQL Injection
CVSS 4.7
CVE-2025-6841 MEDIUM
Product Inventory System 1.0 - SQL Injection
CVSS 4.7
CVE-2025-6840 HIGH
Product Inventory System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6836 HIGH
code-projects Library System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6835 HIGH
code-projects Library System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6834 HIGH
code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6829 MEDIUM
aaluoxiang oa_system <c3a08168 - SQL Injection
CVSS 6.3
CVE-2025-6828 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6827 HIGH
code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6826 HIGH
code-projects Payroll Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6823 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6822 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6821 HIGH
code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6820 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6819 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-53097 MEDIUM
roo_code < 3.20.3 - Information Disclosure via search_files Tool
CVSS 5.9
CVE-2025-6777 HIGH
Food Distributor Site 1.0 - SQL Injection via Username/Password Parameter
CVSS 7.3
CVE-2025-6775 MEDIUM
xiaoyunjie openvpn-cms-flask < 1.2.8 - OS Command Injection via User Creation Endpoint Username Parameter
CVSS 6.3
Details
Vulnerabilities 4,807
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits