CVE-2024-8173SQL Injection in Blood Bank System

CWE-89SQL Injection3 documents3 sources
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 80.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Code-projects Blood Bank SystemBlood Bank System Project Blood Bank System
Timeline
PublishedAug 26

Description

A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-mhrr-6g42-v5rq: A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 12024-08-26
CVEList
code-projects Blood Bank System Login Page login.php sql injection2024-08-26
CVE-2024-8173 — SQL Injection in Blood Bank System | cvebase