Vulnerabilities > Code Projects > Blood Bank > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-13 | CVE-2023-46019 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. | 6.1 |
| 2023-11-13 | CVE-2023-46020 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. | 6.1 |
| 2023-11-13 | CVE-2023-46021 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. | 5.5 |
| 2023-11-13 | CVE-2023-46014 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. | 5.5 |
| 2023-11-13 | CVE-2023-46015 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. | 6.1 |
| 2023-11-13 | CVE-2023-46016 | Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0 Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. | 6.1 |
| 2023-11-13 | CVE-2023-46017 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. | 5.5 |
| 2023-11-13 | CVE-2023-46018 | SQL Injection vulnerability in Code-Projects Blood Bank 1.0 SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. | 5.5 |