PT-2025-48464 · Unknown · Blood Bank Management System

Published: 2025-12-01 · Updated: 2025-12-04 · CVE-2025-63535

CVSS v3.1: 9.6 Critical

Vector: AC:L/AV:N/A:N/C:H/I:H/PR:L/S:C/UI:N

Name of the Vulnerable Software and Affected Versions

Blood Bank Management System version 1.0

Description

The application does not properly sanitize user-supplied input within SQL queries, leading to a SQL injection issue in the abs.php component. An attacker can manipulate the search field to bypass authentication and gain unauthorized access to the system by injecting arbitrary SQL code.

Recommendations

Blood Bank Management System version 1.0: Ensure all user-supplied input is properly sanitized before being used in SQL queries. Specifically, address the input handling within the abs.php component and the search field to prevent SQL injection attacks.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-63535

Affected Products

Blood Bank Management System