CWE-74

High likelihood

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Parent: CWE-707 - Improper Neutralization

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

4,807 vulnerabilities with CWE-74
CVE-2025-6567 HIGH
Campcodes Online Recruitment Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6535 MEDIUM
xxyopen/201206030 novel-plus <5.1.3 - SQL Injection
CVSS 6.3
CVE-2025-6503 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6502 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6501 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6500 HIGH
Code-projects Inventory Management System 1.0 - SQL Injection
CVSS 7.3
CVE-2025-6489 HIGH
Agri-Trading Online Shopping System 1.0 - SQL Injection via del Parameter in transactionsave.php
CVSS 7.3
CVE-2025-6484 MEDIUM
Online Shopping Store 1.0 - SQL Injection via cat_id/brand_id/keyword/proId/pid Parameter
CVSS 4.7
CVE-2025-6483 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via /edituser.php ID Parameter
CVSS 7.3
CVE-2025-6482 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via edituser-exec.php userid Parameter
CVSS 7.3
CVE-2025-6481 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via /update.php ID Parameter
CVSS 7.3
CVE-2025-6480 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via /addcatexec.php textfield Parameter
CVSS 7.3
CVE-2025-6479 HIGH
Simple Pizza Ordering System 1.0 - SQL Injection via salesreport.php dayfrom Parameter
CVSS 7.3
CVE-2025-6474 HIGH
code-projects Inventory Management System 1.0 - SQL Injection via user_id Parameter
CVSS 7.3
CVE-2025-6472 HIGH
Online Bidding System 1.0 - SQL Injection via showprod.php ID Parameter
CVSS 7.3
CVE-2025-6471 HIGH
Online Bidding System 1.0 - SQL Injection via aduser Parameter
CVSS 7.3
CVE-2025-6470 HIGH
Online Bidding System 1.0 - SQL Injection via ID Parameter in bidlog.php
CVSS 7.3
CVE-2025-6469 HIGH
Online Bidding System 1.0 - SQL Injection via ID Parameter in details.php
CVSS 7.3
CVE-2025-6468 HIGH
Online Bidding System 1.0 - SQL Injection via ID Parameter in bidnow.php
CVSS 7.3
CVE-2025-6467 HIGH
Online Bidding System 1.0 - SQL Injection via User Parameter in login.php
CVSS 7.3
CVE-2025-6458 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via userid Parameter
CVSS 7.3
CVE-2025-6457 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via Start Parameter in /reservation/demo.php
CVSS 7.3
CVE-2025-6456 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via Start Parameter in /reservation/order.php
CVSS 7.3
CVE-2025-6455 HIGH
Online Hotel Reservation System 1.0 - SQL Injection via Name Parameter in /messageexec.php
CVSS 7.3
CVE-2025-6451 HIGH
Simple Online Hotel Reservation System 1.0 - SQL Injection via transaction_id Parameter
CVSS 7.3
Details
Vulnerabilities 4,807
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits