Vulnerabilities > Code Projects > Blood Bank

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-46022 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter.
local
low complexity
code-projects CWE-89
7.8
2023-11-13 CVE-2023-46019 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46020 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46021 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.
local
low complexity
code-projects CWE-89
5.5
2023-11-13 CVE-2023-46014 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.
local
low complexity
code-projects CWE-89
5.5
2023-11-13 CVE-2023-46015 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46016 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46017 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
local
low complexity
code-projects CWE-89
5.5
2023-11-13 CVE-2023-46018 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter.
local
low complexity
code-projects CWE-89
5.5