CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46016
https://notcve.org/view.php?id=CVE-2023-46016
Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. Cross Site Scripting (XSS) en abs.php en Code-Projects Blood Bank 1.0 permite a los atacantes ejecutar código arbitrario a través del parámetro 'search' en la URL de la aplicación. • https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46019
https://notcve.org/view.php?id=CVE-2023-46019
Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. Vulnerabilidad de Cross Site Scripting (XSS) en abs.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar código arbitrario a través del parámetro 'error'. • https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46014 – Blood Bank 1.0 SQL Injection
https://notcve.org/view.php?id=CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. Vulnerabilidad de inyección SQL en hospitalLogin.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar comandos SQL arbitrarios a través de los parámetros 'hemail' y 'hpassword'. Blood Bank version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Nitin Sharma in October of 2021. • https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46020 – Blood Bank 1.0 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2023-46020
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. Cross Site Scripting (XSS) en updateprofile.php en Code-Projects Blood Bank 1.0 permite a los atacantes ejecutar código arbitrario a través de los parámetros 'rename', 'remail', 'rphone' y 'rcity'. Blood Bank version 1.0 suffers from a persistent cross site scripting vulnerability. • https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46018 – Blood Bank 1.0 SQL Injection
https://notcve.org/view.php?id=CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. Vulnerabilidad de inyección SQL en ReceiverReg.php en Code-Projects Blood Bank 1.0 permite a atacantes ejecutar comandos SQL arbitrarios a través del parámetro 'remail'. Blood Bank version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Nitin Sharma in October of 2021. • https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •