3502 matches found
Cross site scripting
Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...
Sql injection
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
Cross site scripting
Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter...
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...
CVE-2023-46016
Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...
CVE-2023-46021
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter...
CVE-2023-46019
CVE-2023-46019 is a reflected XSS vulnerability in Code-Projects Blood Bank 1.0, triggered by the error parameter in abs.php. The vulnerability is caused by insufficient input validation, allowing arbitrary script injection in the user’s browser. Connected docs provide a PoC payload and confirm t...
CVE-2023-46017
CVE-2023-46017 affects Code-Projects Blood Bank 1.0. The vulnerability is an SQL injection in receiverLogin.php via the remail/rpassword parameters, enabling attackers to execute arbitrary SQL commands. Reported PoC details show local exploitation against both login paths (receiverLogin.php and h...
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
CVE-2023-46021
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter...
CVE-2023-46020
Cross Site Scripting XSS in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters...
CVE-2023-46015
CVE-2023-46015 affects Code-Projects Blood Bank 1.0. It is a Reflected Cross-Site Scripting (XSS) vulnerability in index.php, exploitable via the msg parameter in the application URL. The NVD lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, user interaction required, and p...
CVE-2023-46014
The CVE-2023-46014 case concerns Code-Projects Blood Bank v1.0. A SQL Injection flaw exists in hospitalLogin.php, exploitable via the hemail and hpassword parameters, enabling arbitrary SQL commands and potential authentication bypass. Technical context from connected documents confirms the vulne...
PT-2023-29803 · Unknown · Code-Projects Blood Bank
Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary commands via the reqid parameter in the cancel.php file. This can be exploited to run unauthorized commands. Recommendations: For Code-Projects...
Code-Projects Blood Bank SQL Injection Vulnerability
Code-Projects Blood Bank is a blood bank system for the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which originates from a SQL injection vulnerability in the parameter recmail of the file receiverReg.php...
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...
Code-Projects Blood Bank Security Breach
Code-Projects Blood Bank is a blood bank system from the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from a SQL injection vulnerability in the parameter reqid of the file cancel.php...
Code-Projects Blood Bank Cross-Site Scripting Vulnerability
Code-Projects Blood Bank is a blood bank system from the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from a stored cross-site scripting XSS vulnerability in the rename and other parameters of the file updateprofile.php...