PT-2025-48460 · Unknown · Blood Bank Management System

Published: 2025-12-01 · Updated: 2025-12-26 · CVE-2025-63531

CVSS v3.1: 10 (Critical), AC:L/AV:N/A:N/C:H/I:H/PR:N/S:C/UI:N

Name of the Vulnerable Software and Affected Versions
Blood Bank Management System version 1.0

Description
A SQL injection issue exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application does not properly sanitize user-supplied input used in SQL queries. An attacker can inject arbitrary SQL code by manipulating the remail and rpassword fields. This allows bypassing authentication and gaining unauthorized access to the system.

Recommendations
Apply proper input sanitization to all user-supplied data used in SQL queries within the receiverLogin.php component.
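
One way to implement this recommendation, as an added example that is not the project's own code: a login check that binds remail as a query parameter and compares rpassword against a stored hash, so neither field is ever concatenated into SQL. The function name receiver_login, the receivers table and its columns, hashed password storage and the in-memory SQLite demo database are assumptions.

```php
<?php
// Added example: hardened receiver login check.
// Assumed (not from the advisory): table `receivers`, columns `id`,
// `remail`, `rpassword`, and passwords stored with password_hash().
declare(strict_types=1);

function receiver_login(PDO $db, string $remail, string $rpassword): ?int
{
    // The query text is a constant. remail is bound as a parameter, so
    // quotes or SQL keywords inside it cannot alter the statement.
    $stmt = $db->prepare(
        'SELECT id, rpassword FROM receivers WHERE remail = :remail'
    );
    $stmt->execute([':remail' => $remail]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // rpassword never reaches the SQL layer; it is only compared
    // against the stored hash.
    if ($row === false || !password_verify($rpassword, $row['rpassword'])) {
        return null; // same result for unknown user and wrong password
    }
    return (int) $row['id'];
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // use native prepares where the driver supports them
$db->exec(
    'CREATE TABLE receivers (
        id INTEGER PRIMARY KEY,
        remail TEXT UNIQUE NOT NULL,
        rpassword TEXT NOT NULL
    )'
);
$insert = $db->prepare('INSERT INTO receivers (remail, rpassword) VALUES (?, ?)');
$insert->execute([
    'receiver@example.test',
    password_hash('correct horse', PASSWORD_DEFAULT),
]);

// Valid credentials, then a wrong password.
var_dump(receiver_login($db, 'receiver@example.test', 'correct horse'));
var_dump(receiver_login($db, 'receiver@example.test', 'wrong password'));
// An address containing a quote character is handled as plain data.
var_dump(receiver_login($db, "o'brien@example.test", 'anything'));
```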

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-63531

Affected Products

Blood Bank Management System