PT-2025-48460 · Unknown · Blood Bank Management System

Published 2025-12-01 · Updated 2025-12-26 · CVE-2025-63531

CVSS v3.1: 10
Vector: AC:L/AV:N/A:N/C:H/I:H/PR:N/S:C/UI:N
Name of the Vulnerable Software and Affected Versions

Blood Bank Management System version 1.0

Description

A SQL injection issue exists in the Blood Bank Management System 1.0 within the receiverLogin.php component. The application does not properly sanitize user-supplied input used in SQL queries. An attacker can inject arbitrary SQL code by manipulating the remail and rpassword fields. This allows bypassing authentication and gaining unauthorized access to the system.

Recommendations

Apply proper input sanitization to all user-supplied data used in SQL queries within the receiverLogin.php component.
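
One way to apply the recommendation to a login handler, shown as an added example that is not the project's code: the remail value is bound as a query parameter and rpassword is verified in PHP rather than placed in SQL. The function name receiverLogin, the table receivers, the columns id and rpassword_hash, and the use of PDO with password_hash() storage are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not the project's code. Assumed names: table `receivers`,
// columns `id`, `remail`, `rpassword_hash` (a password_hash() value).

function receiverLogin(PDO $db, string $remail, string $rpassword): ?int
{
    // Shape check on the e-mail: defence in depth, not the injection fix.
    if (strlen($remail) > 254 || filter_var($remail, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // The fix: constant statement text, user input bound as a parameter,
    // so the input cannot alter the structure of the query.
    $stmt = $db->prepare(
        'SELECT id, rpassword_hash FROM receivers WHERE remail = :remail LIMIT 1'
    );
    $stmt->execute([':remail' => $remail]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // rpassword never reaches SQL; it is checked in PHP against the stored hash.
    if ($row === false || !password_verify($rpassword, $row['rpassword_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

// Constructed sample data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE receivers (
    id INTEGER PRIMARY KEY, remail TEXT UNIQUE, rpassword_hash TEXT)');
$db->prepare('INSERT INTO receivers (remail, rpassword_hash) VALUES (?, ?)')
   ->execute(['alice@example.test', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Correct credentials, wrong password containing a quote, malformed e-mail.
var_dump(receiverLogin($db, 'alice@example.test', 'correct horse'));
var_dump(receiverLogin($db, 'alice@example.test', "pass'word"));
var_dump(receiverLogin($db, "alice'@example", 'correct horse'));
```

When the same pattern is used against MySQL through PDO, setting PDO::ATTR_EMULATE_PREPARES to false makes the server, not the client library, perform the parameter binding.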

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2025-63531

Affected Products: Blood Bank Management System