CVE-2023-46017 – Blood Bank 1.0 SQL Injection
https://notcve.org/view.php?id=CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. Blood Bank version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Nitin Sharma in October of 2021. • https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-37070
https://notcve.org/view.php?id=CVE-2023-37070
Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS). • https://code-projects.org/hospital-information-system-in-php-with-source-code https://github.com/InfoSecWarrior/Offensive-Payloads/blob/main/Cross-Site-Scripting-XSS-Payloads.txt https://github.com/Mr-Secure-Code/My-CVE/blob/main/CVE-2023-37070-Exploit.md https://github.com/riteshs4hu/My-CVE/blob/main/CVE-2023-37070-Exploit.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-37627
https://notcve.org/view.php?id=CVE-2023-37627
Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc. • https://code-projects.org/online-restaurant-management-system-in-php-with-source-code https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-1500 – code-projects Simple Art Gallery adminHome.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-1500
A vulnerability, which was classified as problematic, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file adminHome.php. The manipulation of the argument about_info leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Decemberus/BugHub/blob/main/SIMPLE%20ART%20GALLERY%20system%20has%20%20Cross%20site%20scripting%20vulnerabilities.pdf https://vuldb.com/?ctiid.223400 https://vuldb.com/?id.223400 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-1499 – code-projects Simple Art Gallery adminHome.php sql injection
https://notcve.org/view.php?id=CVE-2023-1499
A vulnerability classified as critical was found in code-projects Simple Art Gallery 1.0. Affected by this vulnerability is an unknown functionality of the file adminHome.php. The manipulation of the argument reach_city leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Fchen-xcu/Vulnerability-Set/blob/main/SIMPLE%20ART%20GALLERY%20system%20reach_city%20has%20Sql%20injection%20vulnerabilities.pdf https://vuldb.com/?ctiid.223399 https://vuldb.com/?id.223399 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •