0Xbeven

**Name of the Vulnerable Software and Affected Versions** yydevelopment Mobile Contact Line versions through 2.4.0 **Description** A missing authorization issue exists in yydevelopment Mobile Contact Line due to incorrectly configured access control security levels. **Recommendations** Update yydevelopment Mobile Contact Line to a version later than 2.4.0.

**Name of the Vulnerable Software and Affected Versions** code-projects Blood Bank Management System version 1.0 **Description** A problem was found in the code, affecting an unknown part of the file /file/request.php. This leads to cross-site request forgery and can be initiated remotely. The issue has been disclosed to the public and may be used. **Recommendations** For code-projects Blood Bank Management System version 1.0, update to the latest version immediately to mitigate risks. As a temporary workaround, consider restricting access to the /file/request.php file until a patch is available. Ensure all recommended patches are applied to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** code-projects Blood Bank Management System version 1.0 **Description** A vulnerability has been found in the Blood Bank Management System, affecting an unknown functionality of the file /file/updateprofile.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. **Recommendations** For version 1.0, update to the latest version to mitigate risks. As a temporary workaround, consider restricting access to the /file/updateprofile.php file until a patch is available. Avoid using the affected functionality of the file /file/updateprofile.php in the meantime.

**Name of the Vulnerable Software and Affected Versions** Blood Bank Management System version 1.0 **Description** A problematic issue has been found in the Blood Bank Management System, affecting some unknown functionality of the file /file/delete.php. The manipulation of the `bid` argument leads to cross-site request forgery. The attack may be launched remotely. **Recommendations** For Blood Bank Management System version 1.0, as a temporary workaround, consider restricting access to the /file/delete.php endpoint to minimize the risk of exploitation. Avoid using the `bid` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.