Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript payloads into the hname, hemail, hpassword, hphone, hcity parameters, which are then executed in the victim's browser when the page is viewed.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
Blood Bank Management System 安全漏洞
Vulnerability Description
Blood Bank Management System是shridhar shukla个人开发者的一个血库管理系统。 Blood Bank Management System 1.0版本存在安全漏洞,该漏洞源于updateprofile.php和hprofile.php组件未清理用户输入,可能导致跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A