Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.4 views

CVE-2025-63533

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and rprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

8.5CVSS5.5AI score0.00186EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.5 views

Blood Bank Management System 安全漏洞

Blood Bank Management System is a blood bank management system by shridhar shukla individual developer. A security vulnerability exists in Blood Bank Management System version 1.0, which stems from the updateprofile.php and hprofile.php components not being cleaned of user input, which could lead...

8.5CVSS6AI score0.0028EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/01 12:0 a.m.7 views

EUVD-2025-199998

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

8.5CVSS5.4AI score0.0028EPSS
Exploits1References4
CNVD
CNVD
added 2025/10/15 12:0 a.m.4 views

Client Details System update-profile.php File SQL Injection Vulnerability

Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...

8.8CVSS8.1AI score0.00332EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/11 12:0 a.m.5 views

Code-Projects Client Details System SQL注入漏洞

Client Details System is a client information system. Client Details System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter uid in the file /admin/update-profile.php. An attacker can exploit this...

8.8CVSS7.9AI score0.00332EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/09/17 11:2 p.m.14 views

CVE-2025-10625 SourceCodester Online Exam Form Submission dashboard.php sql injection

A vulnerability was detected in SourceCodester Online Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /user/dashboard.php?page=updateprofile. The manipulation of the argument phone results in sql injection. The attack may be launched remotely. The...

6.5CVSS0.00308EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.8 views

PT-2025-38287

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Exam Form Submission version 1.0 Description: A SQL injection issue exists due to the manipulation of the phone argument in the file /user/dashboard.php?page=update profile. The attack can be launched remotely. The explo...

6.5CVSS6.5AI score0.00308EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.6 views

PT-2022-24382 · Suprema · Suprema Biostar 2

Name of the Vulnerable Software and Affected Versions: Suprema BioStar aka Bio Star 2 version 2.8.16 Description: A vulnerability in the software allows attackers to escalate privileges to System Administrator via a crafted PUT request to the "update profile page" API endpoint. This issue enables...

8.8CVSS8.7AI score0.0089EPSS
Exploits1References6
Rows per page
Query Builder