From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: #431491 2. Vulnerability Title: code-projects Blood Bank Management System 1.0 SQL Injection 3. Vulnerability Description: - An SQL Injection vulnerability has been identified in the BloodBank Management System version 1.0. - The vulnerability occurs in the search functionality when users query blood type availability. - The search parameter is not properly sanitized, allowing attackers to inject malicious SQL queries. 4. Vulnerability Impact: - Unauthorized access to sensitive data (e.g., donor or recipient information). - Database corruption or deletion. - Denial of Service (DoS) attacks by causing the database to execute time-consuming operations. - Since the injected payload persists through the search feature, this high-risk vulnerability could be exploited by remote attackers, leading to a significant breach of confidentiality and availability. 5. Vulnerability Source: - https://gist.github.com/higordiego/46090516ba1b13fe3d2607ab4c0114f1 6. Submitter: c4trr4ck (UID 75518) 7. Submission Time: October 25, 2024, 15:14 8. Review Time: October 26, 2024, 09:14 9. Status: Accepted 10. VulDB Entry ID: 281938 11. Points: 20