17 matches found
CVE-2025-1577
CVE-2025-1577 affects Code-Projects Blood Bank System 1.0. The vulnerability is a cross-site scripting (XSS) in the unknown functionality handled by /prostatus.php, triggered by manipulating the message parameter. This may be exploitable remotely. Public exploitation details are provided across m...
CVE-2025-1586
CVE-2025-1586 affects code-projects Blood Bank System 1.0. The vulnerability is a cross-site scripting (XSS) issue in the file /Blood/A-.php caused by unsafely handling the Bloodname parameter. It can be triggered remotely and has been publicly disclosed. Several connected sources corroborate the...
CVE-2025-1904
CVE-2025-1904 affects Code-Projects Blood Bank System 1.0. The vulnerability is in an unknown function of the file /Blood/A+.php, where manipulating the Availibility parameter enables cross-site scripting. The issue can be triggered remotely. Connected sources confirm the root cause is input hand...
CVE-2025-1579
The CVE-2025-1579 issue affects Code-Projects Blood Bank System 1.0. It is a cross-site scripting vulnerability triggered by manipulating the email parameter in /admin/user.php, due to how unknown processing handles inputs. The vulnerability is remotely exploitable, with the exploit disclosed pub...
CVE-2025-2049
CVE-2025-2049 affects the Code-Projects Blood Bank System 1.0. The vulnerability is in an unknown function of the file AB+.php where manipulation of the parameter Bloodname leads to cross-site scripting (XSS) . The description states the attack can be launched remotely and the exploit has been di...
CVE-2025-1957
The CVE-2025-1957 entry concerns code-projects Blood Bank System 1.0. Affected component: unknown code in /BBfile/Blood/o+.php, where manipulation of the Bloodname parameter enables cross-site scripting. Impact is described as low to moderate depending on data, with remote initiation and user int...
CVE-2024-9094
CVE-2024-9094 affects the code-projects Blood Bank System 1.0. The vulnerability is a SQL injection in the file /admin/blood/update/o-.php caused by manipulating the bloodname parameter. It can be exploited remotely, and the exploit has been publicly disclosed. Various connected sources confirm t...
CVE-2024-9804
CVE-2024-9804 affects code-projects Blood Bank System 1.0. A SQL injection vulnerability exists in the /admin/campsdetails.php page, via the hospital parameter. The issue can be exploited remotely and has publicly disclosed exploits. Multiple sources consistently identify the vulnerable component...
CVE-2024-12000
CVE-2024-12000 affects code-projects Blood Bank System 1.0 in the Setting Handler component. The vulnerability is a cross-site scripting (XSS) issue triggered by manipulating the firstname parameter in the /controllers/updatesettings.php file. The attack can be initiated remotely and exploits hav...
CVE-2024-9316
CVE-2024-9316 affects Code-projects Blood Bank Management System 1.0. Affected is an unknown function in the file /admin/blood/update/B+.php where the parameter Bloodname can be manipulated to cause a SQL injection. The vulnerability is exploitable remotely, and the exploit has been disclosed pub...
CVE-2024-10142
The CVE-2024-10142 entries describe a cross-site scripting flaw in code-projects Blood Bank System 1.0, specifically in /viewrequest.php. Affected component: /viewrequest.php in Blood Bank System 1.0; root cause not explicitly detailed in the documents. Impact: potential remote exploitation with ...
CVE-2024-9797
CVE-2024-9797 affects code-projects Blood Bank System 1.0. Affected is the file register.php ; manipulation of the user parameter leads to a remote SQL injection vulnerability. Exploitation has been publicly disclosed in multiple sources. Remediation guidance across connected documents recommends...
CVE-2024-9803
The CVE-2024-9803 entry concerns code-projects Blood Bank Management System 1.0. A cross-site scripting vulnerability is present in an unknown part of blooddetails.php, triggered by manipulating the Availibility parameter. The issue is exploitable remotely and the vulnerability has been disclosed...
CVE-2024-9084
The CVE-2024-9084 entry concerns a cross-site scripting (XSS) vulnerability in code-projects Blood Bank System 1.0, affecting the bbms.php file. The issue arises from manipulating the arguments fullname, age, bloodgroup, city, phno, and gender as part of a string, enabling remote exploitation and...
CVE-2024-9805
CVE-2024-9805 affects code-projects Blood Bank System 1.0, specifically the web endpoint /admin/campsdetails.php. The vulnerability arises from manipulating the parameter hospital/address/city/contact, which enables cross-site scripting. The issue may be exploited remotely and, per multiple sourc...
CVE-2024-10171
CVE-2024-10171 affects code-projects Blood Bank System up to version 1.0. Affected is an unknown function in /admin/massage.php where manipulation of the bid parameter enables SQL injection. Attacks are described as remote and exploitable with the exploit disclosed publicly. Connected sources (NV...
CVE-2024-9327
CVE-2024-9327 affects code-projects Blood Bank System 1.0, with SQL injection in the /forgot.php page via the useremail parameter. Attacker can exploit remotely; exploit/public disclosure noted. Connected sources (RH, NVD, CVE listings, CNNVD, Vuln enrichment) confirm vulnerability details but do...