Code Projects Blood Bank Management System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Code Projects Blood Bank Management System.

By the Year

In 2025 there have been 13 vulnerabilities in Code Projects Blood Bank Management System with an average score of 7.9 out of ten. Last year, in 2024 Blood Bank Management System had 10 security vulnerabilities published. That is, 3 more vulnerabilities have already been reported in 2025 as compared to last year. However, the average CVE base score of the vulnerabilities in 2025 is greater by 0.94.

Year	Vulnerabilities	Average Score
2025	13	7.90
2024	10	6.96

It may take a day or so for new Blood Bank Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Code Projects Blood Bank Management System Security Vulnerabilities

Blood Bank Management System 1.0: SQLi via hospital param in campsdetails
CVE-2025-3309 9.8 - Critical - April 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/campsdetails.php. The manipulation of the argument hospital leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Blood Bank Management System 1.0 PHP (viewrequest.php) SQLi (Critical)
CVE-2025-3308 9.8 - Critical - April 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /viewrequest.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in Blood Bank Management System 1.0 reset.php via useremail
CVE-2025-3307 9.8 - Critical - April 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQL Injection in code-projects Blood Bank Management System 1.0 /don.php (Remote)
CVE-2025-3306 9.8 - Critical - April 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /don.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

SQL Injection

PHP Blood Bank Management System 1.0 – SQLi via /user_dashboard/add_donor.php (CRITICAL)
CVE-2025-2390 6.3 - Medium - March 17, 2025

A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the file /user_dashboard/add_donor.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

sql injection in code-projects Blood Bank Mgmt Sys 1.0 (CVE-2025-2389)
CVE-2025-2389 7.2 - High - March 17, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_city.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi in code-projects Blood Bank Mgt Sys 1.0 /admin/edit_state.php
CVE-2025-2054 7.2 - High - March 07, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit_state.php. The manipulation of the argument state_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Blood Bank Management System 1.0 – SQLi via delete_bloodGroup.php
CVE-2025-2044 7.2 - High - March 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/delete_bloodGroup.php. The manipulation of the argument blood_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical Dir Listing Disclosure in code-projects BBS 1.0 (/upload/)
CVE-2025-2038 7.3 - High - March 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /upload/. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Files or Directories Accessible to External Parties

SQLi via member_id in BBMS 1.0 /admin/delete_members.php
CVE-2025-2039 7.2 - High - March 06, 2025

A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/delete_members.php. The manipulation of the argument member_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Critical SQLi in code-projects BMS 1.0 delete_requester.php
CVE-2025-2037 8.8 - High - March 06, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /user_dashboard/delete_requester.php. The manipulation of the argument requester_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Blood Bank Management System 1.0 – Remote SQLi via donor_id in view_donor.php
CVE-2025-2033 8.8 - High - March 06, 2025

A vulnerability, which was classified as critical, was found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /user_dashboard/view_donor.php. The manipulation of the argument donor_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

XSS via /user_dashboard/donor.php in Blood Bank Management Sys 1.0
CVE-2025-1967 3.5 - Low - March 05, 2025

A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /user_dashboard/donor.php. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

XSS

CSRF in code-projects Blood Bank Management System 1.0 via /file/request.php
CVE-2024-10605 6.5 - Medium - November 01, 2024

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /file/request.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Session Riding

Blood Bank Management System 1.0 CSRF in updateprofile.php
CVE-2024-10557 6.5 - Medium - October 31, 2024

A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /file/updateprofile.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Session Riding

CSRF in code-projects Blood Bank Management System 1.0 /file/delete.php
CVE-2024-10448 6.5 - Medium - October 28, 2024

A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.php. The manipulation of the argument bid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other endpoints might be affected as well.

Session Riding

Blood Bank Management System 1.0 XSS via msg in bloodrequest.php
CVE-2024-10419 6.1 - Medium - October 27, 2024

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /bloodrequest.php. The manipulation of the argument msg leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

XSS

Critical SQLi via bg in infoAdd.php of Blood Bank Management System 1.0
CVE-2024-10418 9.8 - Critical - October 27, 2024

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /file/infoAdd.php. The manipulation of the argument bg leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

SQLi in code-projects BloodBankSys 1.0 accept.php reqid Remote
CVE-2024-10415 8.8 - High - October 27, 2024

A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /file/accept.php. The manipulation of the argument reqid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Blood Bank Management System 1.0 XSS via Availibility in blooddetails.php
CVE-2024-9803 5.4 - Medium - October 10, 2024

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file blooddetails.php. The manipulation of the argument Availibility leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

XSS

SQLi in code-projects Blood Bank System 1.0 via /admin/blood/update/B+.php
CVE-2024-9316 7.5 - High - September 28, 2024

A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/blood/update/B+.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Blood Bank Management System 1.0: Password Handler Cleartext Storage (Local)
CVE-2024-9040 5.5 - Medium - September 20, 2024

A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally.

Cleartext Storage of Sensitive Information

SQLi in code-projects Blood Bank MS 1.0 Admin Login critical
CVE-2024-9035 - September 20, 2024

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Admin Login. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Code Projects Blood Bank Management System or by Code Projects? Click the Watch button to subscribe.

Code Projects
Vendor

Code Projects Blood Bank Management System
Product

Code Projects Blood Bank Management System

Don't miss out!

By the Year

Recent Code Projects Blood Bank Management System Security Vulnerabilities

Blood Bank Management System 1.0: SQLi via hospital param in campsdetails CVE-2025-3309 9.8 - Critical - April 06, 2025

Blood Bank Management System 1.0 PHP (viewrequest.php) SQLi (Critical) CVE-2025-3308 9.8 - Critical - April 06, 2025

SQLi in Blood Bank Management System 1.0 reset.php via useremail CVE-2025-3307 9.8 - Critical - April 06, 2025

SQL Injection in code-projects Blood Bank Management System 1.0 /don.php (Remote) CVE-2025-3306 9.8 - Critical - April 06, 2025

PHP Blood Bank Management System 1.0 – SQLi via /user_dashboard/add_donor.php (CRITICAL) CVE-2025-2390 6.3 - Medium - March 17, 2025

sql injection in code-projects Blood Bank Mgmt Sys 1.0 (CVE-2025-2389) CVE-2025-2389 7.2 - High - March 17, 2025

Critical SQLi in code-projects Blood Bank Mgt Sys 1.0 /admin/edit_state.php CVE-2025-2054 7.2 - High - March 07, 2025

Blood Bank Management System 1.0 – SQLi via delete_bloodGroup.php CVE-2025-2044 7.2 - High - March 06, 2025

Critical Dir Listing Disclosure in code-projects BBS 1.0 (/upload/) CVE-2025-2038 7.3 - High - March 06, 2025

SQLi via member_id in BBMS 1.0 /admin/delete_members.php CVE-2025-2039 7.2 - High - March 06, 2025

Critical SQLi in code-projects BMS 1.0 delete_requester.php CVE-2025-2037 8.8 - High - March 06, 2025

Blood Bank Management System 1.0 – Remote SQLi via donor_id in view_donor.php CVE-2025-2033 8.8 - High - March 06, 2025

XSS via /user_dashboard/donor.php in Blood Bank Management Sys 1.0 CVE-2025-1967 3.5 - Low - March 05, 2025

CSRF in code-projects Blood Bank Management System 1.0 via /file/request.php CVE-2024-10605 6.5 - Medium - November 01, 2024

Blood Bank Management System 1.0 CSRF in updateprofile.php CVE-2024-10557 6.5 - Medium - October 31, 2024

CSRF in code-projects Blood Bank Management System 1.0 /file/delete.php CVE-2024-10448 6.5 - Medium - October 28, 2024

Blood Bank Management System 1.0 XSS via msg in bloodrequest.php CVE-2024-10419 6.1 - Medium - October 27, 2024

Critical SQLi via bg in infoAdd.php of Blood Bank Management System 1.0 CVE-2024-10418 9.8 - Critical - October 27, 2024

SQLi in code-projects BloodBankSys 1.0 accept.php reqid Remote CVE-2024-10415 8.8 - High - October 27, 2024

Blood Bank Management System 1.0 XSS via Availibility in blooddetails.php CVE-2024-9803 5.4 - Medium - October 10, 2024

SQLi in code-projects Blood Bank System 1.0 via /admin/blood/update/B+.php CVE-2024-9316 7.5 - High - September 28, 2024

Blood Bank Management System 1.0: Password Handler Cleartext Storage (Local) CVE-2024-9040 5.5 - Medium - September 20, 2024

SQLi in code-projects Blood Bank MS 1.0 Admin Login critical CVE-2024-9035 - September 20, 2024

Stay on top of Security Vulnerabilities

Code Projects Vendor

Code Projects Blood Bank Management SystemProduct

Blood Bank Management System 1.0: SQLi via hospital param in campsdetails
CVE-2025-3309 9.8 - Critical - April 06, 2025

Blood Bank Management System 1.0 PHP (viewrequest.php) SQLi (Critical)
CVE-2025-3308 9.8 - Critical - April 06, 2025

SQLi in Blood Bank Management System 1.0 reset.php via useremail
CVE-2025-3307 9.8 - Critical - April 06, 2025

SQL Injection in code-projects Blood Bank Management System 1.0 /don.php (Remote)
CVE-2025-3306 9.8 - Critical - April 06, 2025

PHP Blood Bank Management System 1.0 – SQLi via /user_dashboard/add_donor.php (CRITICAL)
CVE-2025-2390 6.3 - Medium - March 17, 2025

sql injection in code-projects Blood Bank Mgmt Sys 1.0 (CVE-2025-2389)
CVE-2025-2389 7.2 - High - March 17, 2025

Critical SQLi in code-projects Blood Bank Mgt Sys 1.0 /admin/edit_state.php
CVE-2025-2054 7.2 - High - March 07, 2025

Blood Bank Management System 1.0 – SQLi via delete_bloodGroup.php
CVE-2025-2044 7.2 - High - March 06, 2025

Critical Dir Listing Disclosure in code-projects BBS 1.0 (/upload/)
CVE-2025-2038 7.3 - High - March 06, 2025

SQLi via member_id in BBMS 1.0 /admin/delete_members.php
CVE-2025-2039 7.2 - High - March 06, 2025

Critical SQLi in code-projects BMS 1.0 delete_requester.php
CVE-2025-2037 8.8 - High - March 06, 2025

Blood Bank Management System 1.0 – Remote SQLi via donor_id in view_donor.php
CVE-2025-2033 8.8 - High - March 06, 2025

XSS via /user_dashboard/donor.php in Blood Bank Management Sys 1.0
CVE-2025-1967 3.5 - Low - March 05, 2025

CSRF in code-projects Blood Bank Management System 1.0 via /file/request.php
CVE-2024-10605 6.5 - Medium - November 01, 2024

Blood Bank Management System 1.0 CSRF in updateprofile.php
CVE-2024-10557 6.5 - Medium - October 31, 2024

CSRF in code-projects Blood Bank Management System 1.0 /file/delete.php
CVE-2024-10448 6.5 - Medium - October 28, 2024

Blood Bank Management System 1.0 XSS via msg in bloodrequest.php
CVE-2024-10419 6.1 - Medium - October 27, 2024

Critical SQLi via bg in infoAdd.php of Blood Bank Management System 1.0
CVE-2024-10418 9.8 - Critical - October 27, 2024

SQLi in code-projects BloodBankSys 1.0 accept.php reqid Remote
CVE-2024-10415 8.8 - High - October 27, 2024

Blood Bank Management System 1.0 XSS via Availibility in blooddetails.php
CVE-2024-9803 5.4 - Medium - October 10, 2024

SQLi in code-projects Blood Bank System 1.0 via /admin/blood/update/B+.php
CVE-2024-9316 7.5 - High - September 28, 2024

Blood Bank Management System 1.0: Password Handler Cleartext Storage (Local)
CVE-2024-9040 5.5 - Medium - September 20, 2024

SQLi in code-projects Blood Bank MS 1.0 Admin Login critical
CVE-2024-9035 - September 20, 2024

Code Projects
Vendor

Code Projects Blood Bank Management System
Product