3502 matches found
Code-Projects Blood Bank Security Breach
Code-Projects Blood Bank is a blood bank system for the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from a Reflected Cross-Site Scripting XSS vulnerability in the parameter search in the file abs.php...
Code-Projects Blood Bank Security Breach
Code-Projects Blood Bank is a blood bank system from the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from a SQL injection vulnerability in the parameters remail and rpassword in the file receiverLogin.php...
CVE-2023-46019
Cross Site Scripting XSS vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter...
CVE-2023-46020
Code-Projects Blood Bank 1.0 is affected by a Stored XSS in updateprofile.php. The vulnerability stems from insufficient input validation/sanitization of parameters rename, remail, rphone, and rcity, allowing injected scripts to be stored and executed in other users’ browsers. Exploit details and...
Code-Projects Blood Bank Security Breach
Code-Projects Blood Bank is a blood bank system from the Code-Projects project. A security vulnerability exists in Code-Projects Blood Bank version 1.0, which stems from an SQL injection vulnerability in the parameters hemail and hpassword of the file hospitalLogin.php...
PT-2023-29799 · Unknown · Code-Projects Blood Bank
Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands via the remail parameter in the receiverReg.php file. This can potentially lead to unauthorized access and manipulation of sensitiv...
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters...
CVE-2023-46015
Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...
PT-2023-29797 · Unknown · Code-Projects Blood Bank
Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to run arbitrary code via the search parameter in the application URL. This is due to a Cross Site Scripting XSS flaw in the abs.php file. Recommendations: For...
CVE-2023-46018
Summary: CVE-2023-46018 affects Code-Projects Blood Bank 1.0. The vulnerability is a SQL injection in receiverReg.php via the remail parameter due to insufficient input validation, enabling attackers to run arbitrary SQL commands and potentially access data. The exploit is demonstrated in PoCs/ex...
CVE-2023-46020
Cross Site Scripting XSS in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters...
CVE-2023-46016
Code-Projects Blood Bank 1.0 is vulnerable to a reflected XSS in abs.php via the search parameter. The issue stems from insufficient input sanitization, allowing an attacker to inject and execute arbitrary script in a victim’s browser. A PoC exploit is provided showing the attack payload and affe...
CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter...
CVE-2023-46021
Code-Projects Blood Bank v1.0 is affected by a SQL Injection in cancel.php via the reqid parameter. The root cause is insufficient input validation, enabling an attacker to execute arbitrary commands (local attack; high confidentiality impact; no integrity/availability impact reported). Public re...
CVE-2023-46015
Cross Site Scripting XSS vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL...
CVE-2023-46016
Cross Site Scripting XSS in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL...
Exploit for SQL Injection in Code-Projects Blood_Bank
CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...
Exploit for Cross-site Scripting in Code-Projects Blood_Bank
CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Si...
Exploit for Cross-site Scripting in Code-Projects Blood_Bank
CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Si...
PT-2023-29795 · Unknown · Code-Projects Blood Bank
Name of the Vulnerable Software and Affected Versions: Code-Projects Blood Bank version 1.0 Description: The issue allows attackers to execute arbitrary SQL commands by exploiting the SQL Injection vulnerability in the hospitalLogin.php file. This is achieved via the hemail and hpassword...