16 matches found
CVE-2026-5240
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2026-17735
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-5240
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
Code-Projects BloodBank Managing System 代码注入漏洞
The Code-Projects BloodBank Managing System is an open-source blood bank management system developed by Code-Projects. Version 1.0 of the code-projects BloodBank Managing System contains a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter statename in...
CVE-2026-5240
CVE-2026-5240 affects code-projects BloodBank Managing System 1.0. The issue arises in an unknown part of /admin_state.php where manipulating the statename argument causes a cross-site scripting (XSS) vulnerability. The description notes remote initiation and that the exploit has been publicly di...
CVE-2026-5240 code-projects BloodBank Managing System admin_state.php cross site scripting
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
PT-2026-29410
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /admin state.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-14899
A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made availabl...
CVE-2025-13570
Itsourcecode COVID Tracking System 1.0 is affected by CVE-2025-13570. The vulnerability is an SQL injection in the /admin/?page=state functionality, triggered by manipulating the ID parameter. It is described as exploitable remotely, with an exploit published. Multiple connected sources corrobora...
CVE-2025-11530
A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...
EUVD-2025-33256
A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...
Complaint Management System /admin/state.php File SQL Injection Vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/state.php file. No details of the vulnerability are available at...
PHPGurukul Complaint Management System 安全漏洞
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that stems from a lack of sufficient validation of the input of the state parameter in the /admin/state.php file. No details of the vulnerability are available at...
HTTP Method Spoofing
Opencast versions prior to 9.10 allow HTTP method spoofing, allowing to change the assumed HTTP method via URL parameter. This allows attackers to turn HTTP GET requests into PUT requests or an HTTP form to send DELETE requests. This bypasses restrictions otherwise put on these types of requests...
CVE-2017-17985
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/stateview.php couid parameter...
Design/Logic Flaw
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/stateview.php couid parameter...