Lucene search
K

327 matches found

NVD
NVD
added 2026/06/01 11:16 a.m.13 views

CVE-2026-10250

A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be carried out...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 11:16 a.m.15 views

CVE-2026-10249

A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted is an unknown function of the file /admin/viewrequest.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 10:30 a.m.21 views

CVE-2026-10249

The vulnerability CVE-2026-10249 affects itsourcecode Online Blood Bank Management System 1.0, specifically an unknown function in /admin/viewrequest.php where manipulation of the ID argument triggers SQL injection. It can be exploited remotely, and a public exploit is available. The CVSS metrics...

7.5CVSS5.8AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

itsourcecode Online Blood Bank Management System SQL注入漏洞

itsourcecode Online Blood Bank Management System is an open-source online blood bank management system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which stems from improper handling of the parameter ID in the file/admin/viewrequest.php, potentially...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

BloodX 安全漏洞

BloodX is a blood bank management backend developed by Divesh Jain personally. Version 1.0 of BloodX contains a security vulnerability; this vulnerability stems from an authentication bypass in the login.php file, which may allow attackers to access the dashboard without valid credentials...

6.9CVSS5.8AI score0.00301EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.10 views

CVE-2025-63526

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter,...

8.5CVSS5.8AI score0.0028EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.11 views

CVE-2025-63535

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize usersupplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass...

9.6CVSS8.4AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.9 views

CVE-2025-63531

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, a...

10CVSS8.4AI score0.00587EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.27 views

CVE-2025-63527

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

8.5CVSS5.8AI score0.0028EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.7 views

CVE-2025-63532

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass...

9.6CVSS8.4AI score0.00352EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.9 views

CVE-2025-63529

A session fixation vulnerability exists in Blood Bank Management System 1.0 in login.php that allows an attacker to set or predict a user's session identifier prior to authentication. When the victim logs in, the application continues to use the attacker-supplied session ID rather than generating...

8.8CVSS7AI score0.00328EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 12:19 a.m.12 views

CVE-2025-63534

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and...

8.5CVSS5.8AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2025/12/01 4:15 p.m.6 views

CVE-2025-63535

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The application fails to properly sanitize usersupplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References3
OSV
OSV
added 2025/12/01 4:15 p.m.4 views

CVE-2025-63534

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the login.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg and...

5.4CVSS5.7AI score0.00186EPSS
Exploits0References3
OSV
OSV
added 2025/12/01 4:15 p.m.4 views

CVE-2025-63532

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass...

8.8CVSS5.9AI score0.00352EPSS
Exploits0References3
NVD
NVD
added 2025/12/01 3:15 p.m.2 views

CVE-2025-63531

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the remail and rpassword fields, a...

10CVSS0.00587EPSS
Exploits1References3
OSV
OSV
added 2025/12/01 3:15 p.m.3 views

CVE-2025-63525

An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges via crafted request to delete.php...

8.8CVSS5.8AI score0.00432EPSS
Exploits1References3
OSV
OSV
added 2025/12/01 3:15 p.m.5 views

CVE-2025-63526

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter,...

5.4CVSS5.7AI score0.0028EPSS
Exploits1References3
NVD
NVD
added 2025/12/01 3:15 p.m.9 views

CVE-2025-63529

A session fixation vulnerability exists in Blood Bank Management System 1.0 in login.php that allows an attacker to set or predict a user's session identifier prior to authentication. When the victim logs in, the application continues to use the attacker-supplied session ID rather than generating...

8.8CVSS0.00328EPSS
Exploits1References3
NVD
NVD
added 2025/12/01 3:15 p.m.9 views

CVE-2025-63528

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the blooddinfo.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the erro...

8.5CVSS0.0028EPSS
Exploits1References3
Rows per page
Query Builder