CVE-2024-7303

LOW

Adonesevangelista Online Blood Bank Management System - XSS

Title source: rule

Description

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273185 was assigned to this vulnerability.

Exploits (1)

github WRITEUP

by cl4irv0yance · poc

https://github.com/cl4irv0yance/CVEs/tree/main/CVE-2024-7303

View Code ZIP pw:eip

References (4)

[Permissions Required, Third Party Advisory] https://vuldb.com/?id.273185

[Permissions Required, Third Party Advisory] https://vuldb.com/?ctiid.273185

[Third Party Advisory] https://vuldb.com/?submit.382035

[Exploit] https://github.com/cl4irv0yance/CVEs/issues/1

Scores

CVSS v3 3.5

EPSS 0.0023

EPSS Percentile 46.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

adonesevangelista/online_blood_bank_management_system 1.0

Published Jul 31, 2024

Tracked Since Feb 18, 2026