CVE-2024-9817 – code-projects Blood Bank System update.php sql injection
https://notcve.org/view.php?id=CVE-2024-9817
A vulnerability was found in code-projects Blood Bank System 1.0. It has been classified as critical. This affects an unknown part of the file /update.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. • https://code-projects.org https://github.com/RonenWen/cve/blob/main/sql6-update-name.md https://vuldb.com/?ctiid.279969 https://vuldb.com/?id.279969 https://vuldb.com/?submit.421134 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9812 – code-projects Crud Operation System delete.php sql injection
https://notcve.org/view.php?id=CVE-2024-9812
A vulnerability classified as critical was found in code-projects Crud Operation System 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument sid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279964 https://vuldb.com/?ctiid.279964 https://vuldb.com/?submit.418729 https://github.com/ppp-src/a/issues/25 https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9811 – code-projects Restaurant Reservation System filter3.php sql injection
https://notcve.org/view.php?id=CVE-2024-9811
A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. This affects an unknown part of the file filter3.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279963 https://vuldb.com/?ctiid.279963 https://vuldb.com/?submit.418728 https://github.com/ppp-src/a/issues/24 https://code-projects.org • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-9805 – code-projects Blood Bank System campsdetails.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-9805
A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/campsdetails.php. The manipulation of the argument hospital/address/city/contact leads to cross site scripting. The attack may be initiated remotely. • https://code-projects.org https://github.com/sternstundes/cve/blob/main/xss5.md https://vuldb.com/?ctiid.279953 https://vuldb.com/?id.279953 https://vuldb.com/?submit.418619 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-9804 – code-projects Blood Bank System campsdetails.php sql injection
https://notcve.org/view.php?id=CVE-2024-9804
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/campsdetails.php. The manipulation of the argument hospital leads to sql injection. The attack can be initiated remotely. • https://code-projects.org https://github.com/sternstundes/cve/blob/main/sql5-campdetails.md https://vuldb.com/?ctiid.279952 https://vuldb.com/?id.279952 https://vuldb.com/?submit.418618 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •