CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

281 matches found

CVE-2026-11521

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS5.1AI score0.00043EPSS

Exploits0References1

NVD•added 6 days ago•6 views

CVE-2026-11521

6.5CVSS0.00043EPSS

Exploits0References6

Cvelist•added 6 days ago•35 views

CVE-2026-11521 Mohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorization

6.5CVSS0.00043EPSS

Exploits0References6

Vulnrichment•added 6 days ago•4 views

CVE-2026-11521 Mohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorization

6.5CVSS6.1AI score0.00043EPSS

Exploits0References6

EUVD•added 6 days ago•6 views

EUVD-2026-35075

6.5CVSS6.1AI score0.00043EPSS

Exploits0References6

CVE•added 6 days ago•10 views

CVE-2026-11521

Mohammed-eid35 bank-management-system-springboot (Transaction Endpoint) has a vulnerability in TransactionController.java leading to improper authorization. A remote attacker could exploit it, and public PoCs exist per the CVE metrics. Affected version details are not provided due to rolling rele...

6.5CVSS6.1AI score0.00043EPSS

Exploits0References6

CNNVD•added 2026/06/01 12:0 a.m.•8 views

Itsourcecode Online Blood Bank Management System SQL Injection Vulnerability

itsourcecode Online Blood Bank Management System is an open-source online blood bank management system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from improper handling of the parameter ID in the file/admin/viewrequest.php, potentially...

7.5CVSS7.2AI score0.00044EPSS

Exploits0References6

RedhatCVE•added 2025/12/02 12:19 a.m.•8 views

CVE-2025-63535

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize usersupplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass...

9.6CVSS8.4AI score0.00082EPSS

Exploits0References1

RedhatCVE•added 2025/12/02 12:19 a.m.•8 views

CVE-2025-63529

A session fixation vulnerability exists in Blood Bank Management System 1.0 in login.php that allows an attacker to set or predict a user's session identifier prior to authentication. When the victim logs in, the application continues to use the attacker-supplied session ID rather than generating...

8.8CVSS7AI score0.00064EPSS

Exploits1References1

OSV•added 2025/12/01 4:15 p.m.•3 views

CVE-2025-63535

8.8CVSS5.9AI score0.00082EPSS

Exploits0References3

OSV•added 2025/12/01 4:15 p.m.•1 views

CVE-2025-63534

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and...

5.4CVSS5.7AI score0.00025EPSS

Exploits0References3

NVD•added 2025/12/01 3:15 p.m.•3 views

CVE-2025-63529

8.8CVSS0.00064EPSS

Exploits1References3

OSV•added 2025/12/01 3:15 p.m.•2 views

CVE-2025-63526

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter,...

5.4CVSS5.7AI score0.00027EPSS

Exploits1References3

Vulnrichment•added 2025/12/01 12:0 a.m.•3 views

CVE-2025-63529

6.1CVSS6.5AI score0.00064EPSS

Exploits1References3

Vulnrichment•added 2025/12/01 12:0 a.m.•1 views

CVE-2025-63525

An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges via crafted request to delete.php...

9.6CVSS6.5AI score0.00044EPSS

Exploits1References3

Cvelist•added 2025/12/01 12:0 a.m.•3 views

CVE-2025-63533

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

8.5CVSS0.00025EPSS

Exploits0References3

Positive Technologies•added 2025/12/01 12:0 a.m.•2 views

PT-2025-48460

Name of the Vulnerable Software and Affected Versions Blood Bank Management System version 1.0 Description A SQL injection issue exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application does not properly sanitize user-supplied input used in SQL querie...

10CVSS7.9AI score0.00122EPSS

Exploits1References8

CNNVD•added 2025/12/01 12:0 a.m.•3 views

Blood Bank Management System 安全漏洞

Blood Bank Management System is a blood bank management system by shridhar shukla individual developer. A security vulnerability exists in Blood Bank Management System version 1.0, which stems from a session fixation issue in login.php that could lead to session hijacking...

8.8CVSS6.7AI score0.00064EPSS

Exploits1References4

Cvelist•added 2025/12/01 12:0 a.m.•7 views

CVE-2025-63529

6.1CVSS0.00064EPSS

Exploits1References3

CVE•added 2025/12/01 12:0 a.m.•6 views

CVE-2025-63527

CVE-2025-63527 affects Blood Bank Management System 1.0. The XSS flaw exists in updateprofile.php and hprofile.php where user input is not properly sanitized/encoded, allowing injection of JavaScript via hname, hemail, hpassword, hphone, and hcity parameters. This input is rendered in the respons...

8.5CVSS5.5AI score0.00027EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by