CVE-2025-63532

Critical CVSS: 9.6

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the cancel.php component. The application fails to properly sanitize user-supplied input in SQL queries, allowing an attacker to inject arbitrary SQL code. By manipulating the search field, an attacker can bypass authentication and gain unauthorized access to the system.

Vendor

Shridharshukl

Product

Blood Bank Management System

CWE

CWE-89

Yayın Tarihi

2025-12-01 16:15:55

Güncelleme

2025-12-04 18:08:16

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Blood Bank Management System CRITICAL Shridharshukl 2025

Referanslar

https://drive.google.com/file/d/12yeOXW_sN69QjsQtW0_k9AGqozi1s0di/view?usp=sharing https://github.com/Shridharshukl/Blood-Bank-Management-System https://github.com/kiwi865/CVEs/blob/main/CVE-2025-63532.md

Benzer Kayıtlar

High

CVE-2025-63534

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the login.php component…

Critical

CVE-2025-63535

A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php component. The applicati…

High

CVE-2025-63533

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php a…

Critical

CVE-2025-63525

An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with esc…

High

CVE-2025-63526

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the abs.php component. The…

High

CVE-2025-63527

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php a…