Code-Projects Blood Bank vulnerabilities

9 known vulnerabilities affecting code-projects/blood_bank.

Total CVEs
9
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM8

Vulnerabilities

Page 1 of 1
CVE-2023-46022HIGHCVSS 7.8PoCv1.02023-11-14
CVE-2023-46022 [HIGH] CWE-89 CVE-2023-46022: SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run ar SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter.
nvd
CVE-2023-46020MEDIUMCVSS 6.1PoCv1.02023-11-13
CVE-2023-46020 [MEDIUM] CWE-79 CVE-2023-46020: Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
nvd
CVE-2023-46014MEDIUMCVSS 5.5PoCv1.02023-11-13
CVE-2023-46014 [MEDIUM] CWE-89 CVE-2023-46014: SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.
nvd
CVE-2023-46017MEDIUMCVSS 5.5PoCv1.02023-11-13
CVE-2023-46017 [MEDIUM] CWE-89 CVE-2023-46017: SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
nvd
CVE-2023-46016MEDIUMCVSS 6.1v1.02023-11-13
CVE-2023-46016 [MEDIUM] CWE-79 CVE-2023-46016: Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitr Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
nvd
CVE-2023-46021MEDIUMCVSS 5.5v1.02023-11-13
CVE-2023-46021 [MEDIUM] CWE-89 CVE-2023-46021: SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run ar SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.
nvd
CVE-2023-46018MEDIUMCVSS 5.5PoCv1.02023-11-13
CVE-2023-46018 [MEDIUM] CWE-89 CVE-2023-46018: SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter.
nvd
CVE-2023-46015MEDIUMCVSS 6.1v1.02023-11-13
CVE-2023-46015 [MEDIUM] CWE-79 CVE-2023-46015: Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attacke Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.
nvd
CVE-2023-46019MEDIUMCVSS 6.1v1.02023-11-13
CVE-2023-46019 [MEDIUM] CWE-79 CVE-2023-46019: Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
nvd