Blood Bank And Donation Management System
SQL injection in Blood Bank And Donation Management System allows authenticated remote attackers to manipulate the fullname parameter in /donate_blood.php, potentially leading to unauthorized data access or modification. The vulnerability affects all versions up to commit dc9e0393d826fbc85fad9755b5bc12cba1919df2. Exploit code is publicly available, but the EPSS score is low (0.03%) and the CVSS score is 2.1, indicating that exploitation is unlikely in practice due to authentication requirements and limited technical impact.