CVE-2024-9805 | code-projects Blood Bank System 1.0 /admin/campsdetails.php hospital/address/city/contact cross site scripting

Posted by Angelo Barbosa | Oct 10, 2024 | CVE

A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/campsdetails.php. The manipulation of the argument hospital/address/city/contact leads to cross site scripting.

The identification of this vulnerability is CVE-2024-9805. The attack may be initiated remotely. Furthermore, there is an exploit available.

The initial researcher advisory only mentions the parameter “hospital”.

CVE-2024-9805 | code-projects Blood Bank System 1.0 /admin/campsdetails.php hospital/address/city/contact cross site scripting

Related Posts

CVE-2024-28434 | Twenty 0.3.0 SVG File cross site scripting

CVE-2023-45918 | GNU ncurses 6.4-20230610 tgetstr null pointer dereference

CVE-2024-25531 | RuvarOA 6.01/12.01 SearchCondiction.aspx PageID sql injection

CVE-2024-3590 | LetterPress Plugin up to 1.2.2 on WordPress cross-site request forgery