code-projects Blood Bank System up to 1.0 Message Book /admin/massage.php bid SQL injection

A vulnerability classified as critical was found in code-projects Blood Bank System up to 1.0. Affected is an unknown function of the file /admin/massage.php of the component Message Book. The manipulation of the argument bid with the input 2' AND (SELECT 1874 FROM (SELECT(SLEEP(5)))TlEY)-- jxOI as part of a String leads to SQL injection. Using CWE to declare the problem leads to CWE-89. The weakness was published on 10/18/2024 as a Blog Post (GitHub). The advisory is shared for download at github.com. This vulnerability is known as CVE-2024-10171. The attack may be launched remotely. Technical details are available. Furthermore, there is an exploit available. The exploit has been disclosed to the public and may be used. The current price for an exploit might be approx. USD $0-$5k at the moment. It is declared as proof-of-concept. It is possible to download the exploit at github.com. As a 0-day, the estimated underground price was around $0-$5k. This product uses a rolling release to provide continuous delivery. Therefore, no version details for affected or updated releases are available. VulDB is the best source for vulnerability data and more expert information about this specific topic.

6 adaptations · 121 points

Field | Update 1/5 (10/20/2024 07:50 AM) | Update 2/5 (10/22/2024 10:00 AM) | Update 3/5 (10/22/2024 10:04 AM) | Update 4/5 (10/22/2024 10:05 AM) | Update 5/5 (10/22/2024 10:08 AM)
software_vendor | code-projects | code-projects | code-projects | code-projects | code-projects
software_name | Blood Bank System | Blood Bank System | Blood Bank System | Blood Bank System | Blood Bank System
software_version | <=1.0 | <=1.0 | <=1.0 | <=1.0 | <=1.0
software_file | /admin/massage.php | /admin/massage.php | /admin/massage.php | /admin/massage.php | /admin/massage.php
software_argument | bid | bid | bid | bid | bid
vulnerability_cwe | CWE-89 (SQL Injection) | CWE-89 (SQL Injection) | CWE-89 (SQL Injection) | CWE-89 (SQL Injection) | CWE-89 (SQL Injection)
vulnerability_risk | 2 | 2 | 2 | 2 | 2
cvss3_vuldb_av | N | N | N | N | N
cvss3_vuldb_ac | L | L | L | L | L
cvss3_vuldb_pr | H | H | H | H | H
cvss3_vuldb_ui | N | N | N | N | N
cvss3_vuldb_s | U | U | U | U | U
cvss3_vuldb_c | L | L | L | L | L
cvss3_vuldb_i | L | L | L | L | L
cvss3_vuldb_a | L | L | L | L | L
cvss3_vuldb_e | P | P | P | P | P
cvss3_vuldb_rc | R | R | R | R | R
advisory_url | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md
exploit_availability | 1 | 1 | 1 | 1 | 1
exploit_publicity | 1 | 1 | 1 | 1 | 1
exploit_url | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md | https://github.com/cdl00/cve/blob/main/sql8-message-book.md
source_cve | CVE-2024-10171 | CVE-2024-10171 | CVE-2024-10171 | CVE-2024-10171 | CVE-2024-10171
cna_responsible | VulDB | VulDB | VulDB | VulDB | VulDB
software_type | Banking Software | Banking Software | Banking Software | Banking Software | Banking Software
cvss2_vuldb_av | N | N | N | N | N
cvss2_vuldb_ac | L | L | L | L | L
cvss2_vuldb_au | M | M | M | M | M
cvss2_vuldb_ci | P | P | P | P | P
cvss2_vuldb_ii | P | P | P | P | P
cvss2_vuldb_ai | P | P | P | P | P
cvss2_vuldb_e | POC | POC | POC | POC | POC
cvss2_vuldb_rc | UR | UR | UR | UR | UR
cvss4_vuldb_av | N | N | N | N | N
cvss4_vuldb_ac | L | L | L | L | L
cvss4_vuldb_pr | H | H | H | H | H
cvss4_vuldb_ui | N | N | N | N | N
cvss4_vuldb_vc | L | L | L | L | L
cvss4_vuldb_vi | L | L | L | L | L
cvss4_vuldb_va | L | L | L | L | L
cvss4_vuldb_e | P | P | P | P | P
cvss2_vuldb_rl | ND | ND | ND | ND | ND
cvss3_vuldb_rl | X | X | X | X | X
cvss4_vuldb_at | N | N | N | N | N
cvss4_vuldb_sc | N | N | N | N | N
cvss4_vuldb_si | N | N | N | N | N
cvss4_vuldb_sa | N | N | N | N | N
cvss2_vuldb_basescore | 5.8 | 5.8 | 5.8 | 5.8 | 5.8
cvss2_vuldb_tempscore | 5.0 | 5.0 | 5.0 | 5.0 | 5.0
cvss3_vuldb_basescore | 4.7 | 4.7 | 4.7 | 4.7 | 4.7
cvss3_vuldb_tempscore | 4.3 | 4.3 | 4.3 | 4.3 | 4.3
cvss3_meta_basescore | 4.7 | 4.8 | 4.8 | 4.8 | 5.8
cvss3_meta_tempscore | 4.5 | 4.6 | 4.6 | 4.6 | 5.7
cvss4_vuldb_bscore | 5.1 | 5.1 | 5.1 | 5.1 | 5.1
cvss4_vuldb_btscore | 2.0 | 2.0 | 2.0 | 2.0 | 2.0
advisory_date | 1729202400 (10/18/2024) | 1729202400 (10/18/2024) | 1729202400 (10/18/2024) | 1729202400 (10/18/2024) | 1729202400 (10/18/2024)
price_0day | $0-$5k | $0-$5k | $0-$5k | $0-$5k | $0-$5k
cve_nvd_summary | A vulnerability, which was classified as critical, was found in code-projects Blood Bank System up to 1.0. Affected is an unknown function of the file /admin/massage.php. The manipulation of the argument bid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | A vulnerability, which was classified as critical, was found in code-projects Blood Bank System up to 1.0. Affected is an unknown function of the file /admin/massage.php. The manipulation of the argument bid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | A vulnerability, which was classified as critical, was found in code-projects Blood Bank System up to 1.0. Affected is an unknown function of the file /admin/massage.php. The manipulation of the argument bid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | A vulnerability, which was classified as critical, was found in code-projects Blood Bank System up to 1.0. Affected is an unknown function of the file /admin/massage.php. The manipulation of the argument bid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | A vulnerability, which was classified as critical, was found in code-projects Blood Bank System up to 1.0. Affected is an unknown function of the file /admin/massage.php. The manipulation of the argument bid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
cvss4_cna_av | N | N | N | N | N
cvss4_cna_ac | L | L | L | L | L
cvss4_cna_at | N | N | N | N | N
cvss4_cna_pr | H | H | H | H | H
cvss4_cna_ui | N | N | N | N | N
cvss4_cna_vc | L | L | L | L | L
cvss4_cna_vi | L | L | L | L | L
cvss4_cna_va | L | L | L | L | L
cvss4_cna_sc | N | N | N | N | N
cvss4_cna_si | N | N | N | N | N
cvss4_cna_sa | N | N | N | N | N
cvss4_cna_bscore | 5.1 | 5.1 | 5.1 | 5.1 | 5.1
cvss3_cna_av | N | N | N | N | N
cvss3_cna_ac | L | L | L | L | L
cvss3_cna_pr | H | H | H | H | H
cvss3_cna_ui | N | N | N | N | N
cvss3_cna_s | U | U | U | U | U
cvss3_cna_c | L | L | L | L | L
cvss3_cna_i | L | L | L | L | L
cvss3_cna_a | L | L | L | L | L
cvss3_cna_basescore | 4.7 | 4.7 | 4.7 | 4.7 | 4.7
cvss2_cna_av | N | N | N | N | N
cvss2_cna_ac | L | L | L | L | L
cvss2_cna_au | M | M | M | M | M
cvss2_cna_ci | P | P | P | P | P
cvss2_cna_ii | P | P | P | P | P
cvss2_cna_ai | P | P | P | P | P
cvss2_cna_basescore | 5.8 | 5.8 | 5.8 | 5.8 | 5.8
cve_nvd_summaryes |  | Se ha encontrado una vulnerabilidad clasificada como crítica en code-projects Blood Bank System hasta la versión 1.0. Se ve afectada una función desconocida del archivo /admin/massage.php. La manipulación del argumento bid provoca una inyección SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado. | Se ha encontrado una vulnerabilidad clasificada como crítica en code-projects Blood Bank System hasta la versión 1.0. Se ve afectada una función desconocida del archivo /admin/massage.php. La manipulación del argumento bid provoca una inyección SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado. | Se ha encontrado una vulnerabilidad clasificada como crítica en code-projects Blood Bank System hasta la versión 1.0. Se ve afectada una función desconocida del archivo /admin/massage.php. La manipulación del argumento bid provoca una inyección SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado. | Se ha encontrado una vulnerabilidad clasificada como crítica en code-projects Blood Bank System hasta la versión 1.0. Se ve afectada una función desconocida del archivo /admin/massage.php. La manipulación del argumento bid provoca una inyección SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado.
cvss3_nvd_av |  | N | N | N | N
cvss3_nvd_ac |  | L | L | L | L
cvss3_nvd_pr |  | H | H | H | H
cvss3_nvd_ui |  | N | N | N | N
cvss3_nvd_s |  | U | U | U | U
cvss3_nvd_c |  | H | H | H | H
cvss3_nvd_i |  | N | N | N | N
cvss3_nvd_a |  | N | N | N | N
cvss3_nvd_basescore |  | 4.9 | 4.9 | 4.9 | 4.9
cvss3_researcher_e |  |  | H | H | H
advisory_location |  |  | GitHub | GitHub | GitHub
cvss3_researcher_ac |  |  | H | H | H
cvss3_researcher_pr |  |  | N | N | N
advisory_confirm_date |  |  | 1729202400 (10/18/2024) | 1729202400 (10/18/2024) | 1729202400 (10/18/2024)
software_managedservice |  |  | 0 | 0 | 0
software_component |  |  | Message Book | Message Book | Message Book
input_value |  |  | 2' AND (SELECT 1874 FROM (SELECT(SLEEP(5)))TlEY)-- jxOI | 2' AND (SELECT 1874 FROM (SELECT(SLEEP(5)))TlEY)-- jxOI | 2' AND (SELECT 1874 FROM (SELECT(SLEEP(5)))TlEY)-- jxOI
cvss3_researcher_rl |  |  | W | W | W
advisory_type |  |  | Blog Post | Blog Post | Blog Post
cvss3_researcher_rc |  |  | C | C | C
cvss3_researcher_i |  |  |  | H | H
developer_name |  |  |  | CDL1 | CDL1
input_type |  |  |  | String | String
cvss3_researcher_av |  |  |  | N | N
cvss3_researcher_ui |  |  |  | N | N
cvss3_researcher_s |  |  |  | C | C
cvss3_researcher_c |  |  |  | H | H
cvss3_researcher_a |  |  |  | H | H
software_rollingrelease |  |  |  | 1 | 1
cvss3_researcher_basescore |  |  |  |  | 9.0
