CWE-74— Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.— MITRE CWE catalog
5,096 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-74page 64 of 102
- CVE-2025-5631CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. The manipulation of the argument post l…
- CVE-2025-5632HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/users.php. The manipulati…
- CVE-2025-5633HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the…
- CVE-2025-5638HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipulation of the argument mobilenumber leads…
- CVE-2025-5639CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injectio…
- CVE-2025-5650CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability classified as critical was found in 1000projects Online Notice Board 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument fname leads to sql injection. The attack can be i…
- CVE-2025-5652HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/between-date-complaintreport.php. The manipulation of the argument fromdate/toda…
- CVE-2025-5653HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-userreport.php. The manipulation of the arg…
- CVE-2025-5654HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads …
- CVE-2025-5655HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument subcategory leads to sql in…
- CVE-2025-5656HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-category.php. The manipulation of the argument description leads to …
- CVE-2025-5657HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/manage-users.php. The manipulation of the argument uid leads to sql injec…
- CVE-2025-5658HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/updatecomplaint.php. The manipulation of the argument Status leads to sql injection. It…
- CVE-2025-5659HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability classified as critical was found in PHPGurukul Complaint Management System 2.0. Affected by this vulnerability is an unknown functionality of the file /user/profile.php. The manipulation of the argument pincode leads to sql…
- CVE-2025-5660HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 2.0. Affected by this issue is some unknown functionality of the file /user/register-complaint.php. The manipulation of the argumen…
- CVE-2025-5663CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability has been found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-autoortaxi.php. The manipulation of the argument searchdata le…
- CVE-2025-5668HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/readenq.php. The manipulation of the argument ID leads to sql injection. It is possible…
- CVE-2025-5669HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/unreadenq.php. The manipulation of the argument ID leads to sql injection. The at…
- CVE-2025-5670HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/manage-card.php. The manipulation of the argument ID leads to…
- CVE-2025-5674HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file urinalysis_form.php. The manipulation of the argument urinalysis_i…
- CVE-2025-5675CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /trms/admin/bwdates-reports-details.php. The manipulation of the argument from…
- CVE-2025-5676CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=login. The manipulation of the argument Username …
- CVE-2025-5677CRITICALCVSS 9.8EG 7.32025-06-05
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/ajax.php?action=save_application. The manipulation of the argumen…
- CVE-2025-5693HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-report-result.php. The manipulat…
- CVE-2025-5694HIGHCVSS 8.8EG 6.32025-06-05
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the…
- CVE-2025-5695MEDIUMCVSS 4.7EG 4.72025-06-05
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribe_to_spot/subscribe_to_delta/subscribe_to_alarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such m…
- CVE-2025-5696CRITICALCVSS 9.8EG 6.32025-06-05
A vulnerability classified as critical was found in Brilliance Golden Link Secondary System up to 20250424. This vulnerability affects unknown code of the file /storagework/rentChangeCheckInfoPage.htm. The manipulation of the argument clie…
- CVE-2025-5697CRITICALCVSS 9.8EG 6.32025-06-05
A vulnerability, which was classified as critical, has been found in Brilliance Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcCustDeferPosiQuery.htm. The manipulation…
- CVE-2025-5698CRITICALCVSS 9.8EG 6.32025-06-05
A vulnerability, which was classified as critical, was found in Brilliance Golden Link Secondary System up to 20250424. Affected is an unknown function of the file /sysframework/logSelect.htm. The manipulation of the argument nodename lead…
- CVE-2025-5704HIGHCVSS 7.3EG 7.32025-06-05
A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulation of the argument txtUserName leads to…
- CVE-2025-5705HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/Property.php. The manipulation of the argument cmbCat leads to sq…
- CVE-2025-5706CRITICALCVSS 9.8EG 7.32025-06-06
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /new-user-testing.php. The manipulation o…
- CVE-2025-5707CRITICALCVSS 9.8EG 7.32025-06-06
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-testing.php. The manipulation of …
- CVE-2025-5708HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /Admin/NewsReport.php. The manipulation of the argument txtFrom leads to sql inject…
- CVE-2025-5709HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. This vulnerability affects unknown code of the file /Admin/InsertCategory.php. The manipulation of the argument txtCategoryName l…
- CVE-2025-5710HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability, which was classified as critical, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of the file /Admin/InsertState.php. The manipulation of the argument …
- CVE-2025-5711HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/InsertCity.php. The manipulation of the argument cmbState leads to…
- CVE-2025-5712HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /appointment.php. The manipulation of the argument…
- CVE-2025-5716HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument email leads to sql injection. It is …
- CVE-2025-5729HIGHCVSS 7.5EG 6.32025-06-06
A vulnerability, which was classified as critical, was found in code-projects Health Center Patient Record Management System 1.0. Affected is an unknown function of the file /birthing_record.php. The manipulation of the argument itr_no lea…
- CVE-2025-5755HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability was found in SourceCodester Open Source Clinic Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /email_config.php. The manipulation of the argument email leads to sql in…
- CVE-2025-5756CRITICALCVSS 9.8EG 7.32025-06-06
A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/EditCity.php. The manipulation leads to …
- CVE-2025-5758HIGHCVSS 7.3EG 7.32025-06-06
A vulnerability classified as critical has been found in SourceCodester Open Source Clinic Management System 1.0. This affects an unknown part of the file /doctor.php. The manipulation of the argument doctorname leads to sql injection. It …
- CVE-2025-5759CRITICALCVSS 9.8EG 7.32025-06-06
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown code of the file /admin/edit-person-detail.php?editid=2. The manipulation of the argument…
- CVE-2025-5761HIGHCVSS 8.8EG 6.32025-06-06
A vulnerability, which was classified as critical, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file /edit-family-member.php. The manipulation of the argument memberage…
- CVE-2025-5762HIGHCVSS 7.5EG 6.32025-06-06
A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file view_hematology.php. The manipulation of the argument itr_no leads to sql injec…
- CVE-2025-5763HIGHCVSS 8.8EG 4.72025-06-06
A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function sub_F3C8C of the file apollo. The manipulation leads to command injection. The attack can be launche…
- CVE-2025-5778CRITICALCVSS 9.8EG 7.32025-06-06
A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. Affected is an unknown function of the file /admin. The manipulation of the argument Username leads to sql injection. It is po…
- CVE-2025-5779HIGHCVSS 7.5EG 6.32025-06-06
A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php. The manipulation of the argument itr_no/…
- CVE-2025-5780HIGHCVSS 7.5EG 6.32025-06-06
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_dental.php. The manipulation of the argument itr_no leads to…
Map vulnerabilities like CWE-74 to your infrastructure
EchelonGraph correlates every CVE — across CWE-74 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →