Phpgurukul Blood Bank Donor Management System vulnerabilities
6 known vulnerabilities affecting phpgurukul/blood_bank_donor_management_system.
Total CVEs: 6
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: HIGH 1, MEDIUM 5
Vulnerabilities
CVE-2025-50487 | HIGH | CVSS 7.1 | CWE-613 | v2.4 | 2025-07-28
Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood Bank & Donor Management System v2.4 allows attackers to execute a session hijacking attack.
nvd
CVE-2025-4176 | MEDIUM | CVSS 6.9 | CWE-74 | v2.4 | 2025-05-01
A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as critical. This vulnerability affects unknown code of the file /admin/request-received-bydonar.php. The manipulation of the argument searchdata leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public
nvd
CVE-2024-12982 | MEDIUM | CVSS 5.1 | CWE-79 | v2.4 | 2024-12-27
A vulnerability was found in PHPGurukul Blood Bank & Donor Management System 2.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bbdms/admin/update-contactinfo.php. The manipulation of the argument Address leads to cross-site scripting. The attack may be launched remotely. The exploit has been discl
nvd
CVE-2024-12955 | MEDIUM | CVSS 6.9 | PoC | CWE-352 | v2.4 | 2024-12-26
A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as problematic. This vulnerability affects unknown code of the file /logout.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2024-0476 | MEDIUM | CVSS 4.8 | CWE-79 | v1.0 | 2024-01-13
A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management 1.0. This affects an unknown part of the file request-received-bydonar.php. The manipulation leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-2505
nvd
CVE-2023-41575 | MEDIUM | CVSS 5.4 | CWE-79 | v2.2 | 2023-09-08
Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters.
nvd