CVE-2024-8173

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://vuldb.com/?id.275772", "name": "VDB-275772 | code-projects Blood Bank System Login Page login.php sql injection", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.275772", "name": "VDB-275772 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://vuldb.com/?submit.397882", "name": "Submit #397882 | code-projects blood-bank-system-in-php v1.0 xss", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://github.com/prankfulin/cve/blob/main/sql1.md", "name": "https://github.com/prankfulin/cve/blob/main/sql1.md", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://code-projects.org/", "name": "https://code-projects.org/", "tags": ["Product"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-8173", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2024-08-26T16:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:blood_bank_system_project:blood_bank_system:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-09-05T18:39Z"}