kinsomnia

2 exploits, active since Sep 2024

CVE-2024-9035 WRITEUP HIGH
Blood Bank Management System 1.0 - SQL Injection via Admin Login Username/Password Parameter
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Admin Login. The manipulation of the argument username/password leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3

CVE-2024-9036 WRITEUP MEDIUM
Online Bookstore 1.0 - Unrestricted File Upload via admin_add.php Image Parameter
A vulnerability was found in itsourcecode Online Bookstore 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_add.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3