A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /viewrequest.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
History

Tue, 22 Oct 2024 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:code-projects:blood_bank_system:1.0:*:*:*:*:*:*:*

Mon, 21 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Code-projects
Code-projects blood Bank System
CPEs cpe:2.3:a:code-projects:blood_bank_system:*:*:*:*:*:*:*:*
Vendors & Products Code-projects
Code-projects blood Bank System
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 19 Oct 2024 17:15:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /viewrequest.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Title code-projects Blood Bank System viewrequest.php cross site scripting
Weaknesses CWE-79
References
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-10-19T17:00:05.596Z

Updated: 2024-10-21T13:55:10.169Z

Reserved: 2024-10-18T16:26:29.371Z

Link: CVE-2024-10142

cve-icon Vulnrichment

Updated: 2024-10-21T13:55:04.653Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-19T17:15:10.657

Modified: 2024-10-22T18:11:20.450

Link: CVE-2024-10142

cve-icon Redhat

No data.