Vulnerabilities > CVE-2025-2038 - Information Exposure Through Directory Listing vulnerability in Code-Projects Blood Bank Management System 1.0

CVSS 7.3 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

code-projects

CWE-548

NVD

Published: 2025-03-06

Updated: 2025-05-13

Summary

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /upload/. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vulnerable Configurations

Part	Description	Count
Application	Code-Projects Code Projects Blood Bank Management System 1.0	1

Common Weakness Enumeration (CWE)

CWE-548 - Information Exposure Through Directory Listing

References

https://code-projects.org/
https://github.com/intercpt/XSS1/blob/main/Directorylisting.md
https://vuldb.com/?ctiid.298781
https://vuldb.com/?id.298781
https://vuldb.com/?submit.512558