CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3502 matches found

Cvelist•added 2023/11/13 12:0 a.m.•26 views

CVE-2023-46019

Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...

6.2AI score0.00471EPSS

Exploits2References1

CVE•added 2023/11/13 12:0 a.m.•54 views

CVE-2023-46020

Code-Projects Blood Bank 1.0 is affected by a Stored XSS in updateprofile.php. The vulnerability stems from insufficient input validation/sanitization of parameters rename, remail, rphone, and rcity, allowing injected scripts to be stored and executed in other users’ browsers. Exploit details and...

6.1CVSS6.1AI score0.00479EPSS

Exploits4References1Affected Software1

CNNVD•added 2023/11/13 12:0 a.m.•4 views

Code-Projects Blood Bank Security Breach

Code-Projects Blood Bank is a blood bank system from the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from an SQL injection vulnerability in the parameters hemail and hpassword of the file hospitalLogin.php...

5.5CVSS7.9AI score0.00394EPSS

Exploits5References2

Cvelist•added 2023/11/13 12:0 a.m.•24 views

CVE-2023-46017

SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...

6.5AI score0.00355EPSS

Exploits5References1

CVE•added 2023/11/13 12:0 a.m.•42 views

CVE-2023-46021

Code-Projects Blood Bank v1.0 is affected by a SQL Injection in cancel.php via the reqid parameter. The root cause is insufficient input validation, enabling an attacker to execute arbitrary commands (local attack; high confidentiality impact; no integrity/availability impact reported). Public re...

5.5CVSS6.3AI score0.00349EPSS

Exploits2References1Affected Software1

Vulnrichment•added 2023/11/13 12:0 a.m.•11 views

CVE-2023-46015

Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...

6.4AI score0.00471EPSS

Exploits3References1

Positive Technologies•added 2023/11/13 12:0 a.m.•4 views

PT-2023-29797 · Unknown · Code-Projects Blood Bank

Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to run arbitrary code via the search parameter in the application URL. This is due to a Cross Site Scripting XSS flaw in the abs.php file. Recommendations: For...

6.1CVSS6.1AI score0.00471EPSS

Exploits2References2

CVE•added 2023/11/13 12:0 a.m.•59 views

CVE-2023-46016

Code-Projects Blood Bank 1.0 is vulnerable to a reflected XSS in abs.php via the search parameter. The issue stems from insufficient input sanitization, allowing an attacker to inject and execute arbitrary script in a victim’s browser. A PoC exploit is provided showing the attack payload and affe...

6.1CVSS6.1AI score0.00471EPSS

Exploits2References1Affected Software1

Cvelist•added 2023/11/13 12:0 a.m.•22 views

CVE-2023-46020

Cross Site Scripting XSS in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters...

6.3AI score0.00479EPSS

Exploits4References1

CVE•added 2023/11/13 12:0 a.m.•36 views

CVE-2023-46017

CVE-2023-46017 affects Code-Projects Blood Bank 1.0. The vulnerability is an SQL injection in receiverLogin.php via the remail/rpassword parameters, enabling attackers to execute arbitrary SQL commands. Reported PoC details show local exploitation against both login paths (receiverLogin.php and h...

5.5CVSS6.2AI score0.00355EPSS

Exploits5References1Affected Software1

CVE•added 2023/11/13 12:0 a.m.•74 views

CVE-2023-46014

The CVE-2023-46014 case concerns Code-Projects Blood Bank v1.0. A SQL Injection flaw exists in hospitalLogin.php, exploitable via the hemail and hpassword parameters, enabling arbitrary SQL commands and potential authentication bypass. Technical context from connected documents confirms the vulne...

5.5CVSS6.2AI score0.00394EPSS

Exploits5References1Affected Software1

CVE•added 2023/11/13 12:0 a.m.•64 views

CVE-2023-46018

Summary: CVE-2023-46018 affects Code-Projects Blood Bank 1.0. The vulnerability is a SQL injection in receiverReg.php via the remail parameter due to insufficient input validation, enabling attackers to run arbitrary SQL commands and potentially access data. The exploit is demonstrated in PoCs/ex...

5.5CVSS6.1AI score0.00355EPSS

Exploits5References1Affected Software1

Vulnrichment•added 2023/11/13 12:0 a.m.•17 views

CVE-2023-46014

SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters...

8.6AI score0.00394EPSS

Exploits5References1

Cvelist•added 2023/11/13 12:0 a.m.•32 views

CVE-2023-46016

Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...

6.3AI score0.00471EPSS

Exploits2References1

Cvelist•added 2023/11/13 12:0 a.m.•28 views

CVE-2023-46015

Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...

6.2AI score0.00471EPSS

Exploits3References1

Positive Technologies•added 2023/11/13 12:0 a.m.•5 views

PT-2023-29799 · Unknown · Code-Projects Blood Bank

Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands via the remail parameter in the receiverReg.php file. This can potentially lead to unauthorized access and manipulation of sensitiv...

5.5CVSS6.2AI score0.00355EPSS

Exploits5References3

GithubExploit•added 2023/11/11 10:54 a.m.•22 views

Exploit for SQL Injection in Code-Projects Blood_Bank

CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...

7.8CVSS8.4AI score0.00795EPSS

Exploits4

GithubExploit•added 2023/11/11 8:23 a.m.•13 views

Exploit for Cross-site Scripting in Code-Projects Blood_Bank

CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Si...

6.1CVSS6.8AI score0.00471EPSS

Exploits2

GithubExploit•added 2023/11/10 7:40 p.m.•14 views

Exploit for Cross-site Scripting in Code-Projects Blood_Bank

CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Si...

6.1CVSS6.8AI score0.00471EPSS

Exploits3

Positive Technologies•added 2023/11/10 12:0 a.m.•4 views

PT-2023-29795 · Unknown · Code-Projects Blood Bank

Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands by exploiting the SQL Injection vulnerability in the hospitalLogin.php file. This is achieved via the hemail and hpassword...

5.5CVSS6.4AI score0.00394EPSS

Exploits5References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by