74 matches found
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
CVE-2023-46016
Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter...
CVE-2023-46019
CVE-2023-46019 is a reflected XSS vulnerability in Code-Projects Blood Bank 1.0, triggered by the error parameter in abs.php. The vulnerability is caused by insufficient input validation, allowing arbitrary script injection in the user’s browser. Connected docs provide a PoC payload and confirm t...
CVE-2023-46015
CVE-2023-46015 affects Code-Projects Blood Bank 1.0. It is a Reflected Cross-Site Scripting (XSS) vulnerability in index.php, exploitable via the msg parameter in the application URL. The NVD lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, user interaction required, and p...
CVE-2023-46021
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter...
CVE-2023-46020
Cross Site Scripting XSS in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters...
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
CVE-2023-46021
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter...
Exploit for SQL Injection in Code-Projects Blood_Bank
CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...
Exploit for Cross-site Scripting in Code-Projects Blood_Bank
CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Si...
PT-2023-29795 · Unknown · Code-Projects Blood Bank
Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands by exploiting the SQL Injection vulnerability in the hospitalLogin.php file. This is achieved via the hemail and hpassword...