Vulnerabilities > Code Projects

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-46580 Cross-site Scripting vulnerability in Code-Projects Inventory Management 1.0
Cross-Site Scripting (XSS) vulnerability in Inventory Management V1.0 allows attackers to execute arbitrary code via the pname parameter of the editProduct.php component.
network
low complexity
code-projects CWE-79
5.4
2023-11-14 CVE-2023-46581 SQL Injection vulnerability in Code-Projects Inventory Management 1.0
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary code via the name, uname and email parameters in the registration.php component.
local
low complexity
code-projects CWE-89
5.5
2023-11-14 CVE-2023-46582 SQL Injection vulnerability in Code-Projects Inventory Management 1.0
SQL injection vulnerability in Inventory Management v.1.0 allows a local attacker to execute arbitrary SQL commands via the id paramter in the deleteProduct.php component.
local
low complexity
code-projects CWE-89
7.8
2023-11-13 CVE-2023-46019 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46020 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46021 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter.
local
low complexity
code-projects CWE-89
5.5
2023-11-13 CVE-2023-46014 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.
local
low complexity
code-projects CWE-89
5.5
2023-11-13 CVE-2023-46015 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46016 Cross-site Scripting vulnerability in Code-Projects Blood Bank 1.0
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL.
network
low complexity
code-projects CWE-79
6.1
2023-11-13 CVE-2023-46017 SQL Injection vulnerability in Code-Projects Blood Bank 1.0
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
local
low complexity
code-projects CWE-89
5.5