6 matches found
CVE-2025-63526
A cross-site scripting XSS vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter,...
CVE-2025-63526
A cross-site scripting XSS vulnerability exists in the Blood Bank Management System within the abs.php component. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the msg parameter,...
CVE-2025-63526
The affected product is the Blood Bank Management System (abs.php). The vulnerability is a cross-site scripting (XSS) flaw caused by improper sanitization/encoding of user input before rendering in the response. An attacker can inject malicious JavaScript into the msg parameter, which is executed...
CVE-2025-63535
A SQL injection vulnerability exists in Blood Bank Management System 1.0 in the abs.php component. The flaw stems from improper sanitization of user input in SQL queries, enabling an attacker to inject arbitrary SQL through the search field and bypass authentication to gain unauthorized access. A...
CVE-2024-10408
A vulnerability has been found in code-projects Blood Bank Management up to 1.0 and classified as critical. This vulnerability affects unknown code of the file /abs.php. The manipulation of the argument search leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2023-46016
Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...