Description

A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Related CPE's

a

blood_bank_system_project

blood_bank_system

1.0

Vulnerable

References

https://code-projects.org/

Product

https://github.com/siyuancn-hub/cve/blob/main/sql7-.md

ExploitThird Party Advisory

https://vuldb.com/?ctiid.280164

Permissions Required

https://vuldb.com/?id.280164

Third Party Advisory

https://vuldb.com/?submit.422189

Third Party Advisory

Weaknesses

[email protected]

Secondary
CWE-89

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

6.3 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-10-12T11:15:13.737Z

1 year ago

Last modified

2024-10-16T20:13:05.583Z

1 year ago