CVE-2025-1904

CWE-79Cross-site Scripting (XSS)CWE-94Code Injection3 documents3 sources
Severity
5.1MEDIUM
EPSS
0.3%
top 49.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Code-projects Blood Bank System
Timeline
PublishedMar 4

Description

A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of the file /Blood/A+.php. The manipulation of the argument Availibility leads to cross site scripting. The attack may be launched remotely.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
code-projects Blood Bank System A+.php cross site scripting2025-03-04
GHSA
GHSA-3w7p-h565-28xc: A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 12025-03-04
CVE-2025-1904 (MEDIUM CVSS 5.1) | A vulnerability | cvebase.io