Code-Projects Blood Bank System vulnerabilities

CVE-2024-8173 [MEDIUM] CWE-89 CVE-2024-8173: A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-8174 [MEDIUM] CWE-79 CVE-2024-8174: A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to th