26 matches found
EUVD-2023-50277
Malicious code in bioql PyPI...
Blood Bank 1.0 SQL Injection
Exploit Title: Blood Bank 1.0 - 'bid' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...
Blood Bank 1.0 - 'bid' SQLi
Exploit Title: Blood Bank 1.0 - 'bid' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
Sql injection
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
CVE-2023-46022
CVE-2023-46022 concerns Code-Projects Blood Bank v1.0, with a SQL Injection in delete.php via the bid parameter. The root cause is improper input handling in delete.php, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data exposure and unauthorized databas...
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter...
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...
CVE-2023-46016
Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
Sql injection
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter...
Sql injection
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...
Sql injection
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter...
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...
CVE-2023-46014
The CVE-2023-46014 case concerns Code-Projects Blood Bank v1.0. A SQL Injection flaw exists in hospitalLogin.php, exploitable via the hemail and hpassword parameters, enabling arbitrary SQL commands and potential authentication bypass. Technical context from connected documents confirms the vulne...
CVE-2023-46021
Code-Projects Blood Bank v1.0 is affected by a SQL Injection in cancel.php via the reqid parameter. The root cause is insufficient input validation, enabling an attacker to execute arbitrary commands (local attack; high confidentiality impact; no integrity/availability impact reported). Public re...
CVE-2023-46018
Summary: CVE-2023-46018 affects Code-Projects Blood Bank 1.0. The vulnerability is a SQL injection in receiverReg.php via the remail parameter due to insufficient input validation, enabling attackers to run arbitrary SQL commands and potentially access data. The exploit is demonstrated in PoCs/ex...
CVE-2023-46016
Code-Projects Blood Bank 1.0 is vulnerable to a reflected XSS in abs.php via the search parameter. The issue stems from insufficient input sanitization, allowing an attacker to inject and execute arbitrary script in a victim’s browser. A PoC exploit is provided showing the attack payload and affe...