277 matches found
CVE-2026-7732
A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file requestblood.php. The manipulation results in unrestricted upload. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2026-7732
A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file requestblood.php. The manipulation results in unrestricted upload. The attack can be executed remotely. The exploit is now public and may be used...
EUVD-2026-26910
A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file requestblood.php. The manipulation results in unrestricted upload. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2026-7732
CVE-2026-7732 affects code-projects BloodBank Managing System 1.0. The vulnerable element is an unknown function in request_blood.php, allowing an unrestricted upload. The attack can be executed remotely and the exploit is public. No remediation details are provided in the supplied documents.
CVE-2026-7732 code-projects BloodBank Managing System request_blood.php unrestricted upload
A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file requestblood.php. The manipulation results in unrestricted upload. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2026-7731 code-projects BloodBank Managing System get_state.php sql injection
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. The affected element is an unknown function of the file getstate.php. The manipulation of the argument GSTATEID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7731
CVE-2026-7731 affects code-projects BloodBank Managing System 1.0. The vulnerability is an SQL injection in an unknown function within get_state.php triggered by manipulating the G_STATE_ID argument. It allows remote exploitation and the exploit has been publicly disclosed. Connected sources prov...
PT-2026-36761
A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file request blood.php. The manipulation results in unrestricted upload. The attack can be executed remotely. The exploit is now public and may be used...
PT-2026-36760
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. The affected element is an unknown function of the file get state.php. The manipulation of the argument G STATE ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2018-25263
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...
EUVD-2018-21791
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...
CVE-2018-25263
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...
Faleemi Desktop Software 安全漏洞
Faleemi Desktop Software is a desktop application developed by Faleemi Corporation in the United States. Version 1.8.2 of Faleemi Desktop Software contains a security vulnerability. This vulnerability stems from a local buffer overflow in the Device alias field. It may allow local attackers to...
PT-2026-35241
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler SEH overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log...
Stored-Cross-Site-Scripting-XSS-in-Donor-Registration-Leading-to-Admin-Session-Hijacking
Stored XSS in BloodBank Managing System — Donor Registration...
CVE-2026-5240
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2026-17735
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-5240
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-5240
CVE-2026-5240 affects code-projects BloodBank Managing System 1.0. The issue arises in an unknown part of /admin_state.php where manipulating the statename argument causes a cross-site scripting (XSS) vulnerability. The description notes remote initiation and that the exploit has been publicly di...
CVE-2026-5240 code-projects BloodBank Managing System admin_state.php cross site scripting
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /adminstate.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...