Blood Bank
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46022 | Hig | 0.54 | 7.8 | 0.01 | Nov 14, 2023 | SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter. | ||
| CVE-2023-46020 | Med | 0.40 | 6.1 | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. | ||
| CVE-2023-46019 | Med | 0.40 | 6.1 | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. | ||
| CVE-2023-46016 | Med | 0.40 | 6.1 | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. | ||
| CVE-2023-46015 | Med | 0.40 | 6.1 | 0.00 | Nov 13, 2023 | Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. | ||
| CVE-2023-46021 | Med | 0.36 | 5.5 | 0.00 | Nov 13, 2023 | SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. | ||
| CVE-2023-46018 | Med | 0.36 | 5.5 | 0.00 | Nov 13, 2023 | SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. | ||
| CVE-2023-46017 | Med | 0.36 | 5.5 | 0.00 | Nov 13, 2023 | SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. | ||
| CVE-2023-46014 | Med | 0.36 | 5.5 | 0.00 | Nov 13, 2023 | SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. |
- risk 0.54cvss 7.8epss 0.01
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter.
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
- risk 0.40cvss 6.1epss 0.00
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.
- risk 0.36cvss 5.5epss 0.00
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.
- risk 0.36cvss 5.5epss 0.00
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter.
- risk 0.36cvss 5.5epss 0.00
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
- risk 0.36cvss 5.5epss 0.00
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.