8 matches found
CVE-2025-63533
A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...
Blood Bank Management System 安全漏洞
Blood Bank Management System is a blood bank management system by shridhar shukla individual developer. A security vulnerability exists in Blood Bank Management System version 1.0, which stems from the updateprofile.php and hprofile.php components not being cleaned of user input, which could lead...
EUVD-2025-199998
A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...
Client Details System update-profile.php File SQL Injection Vulnerability
Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...
Code-Projects Client Details System SQL注入漏洞
Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...
CVE-2025-10625 SourceCodester Online Exam Form Submission dashboard.php sql injection
A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...
PT-2025-38287
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Exam Form Submission version 1.0 Description: A SQL injection issue exists due to the manipulation of the phone argument in the file /user/dashboard.php?page=update profile. The attack can be launched remotely. The explo...
PT-2022-24382 · Suprema · Suprema Biostar 2
Name of the Vulnerable Software and Affected Versions: Suprema BioStar aka Bio Star 2 version 2.8.16 Description: A vulnerability in the software allows attackers to escalate privileges to System Administrator via a crafted PUT request to the "update profile page" API endpoint. This issue enables...