Code-Projects Blood Bank Management System Vulnerability
CVE-2024-10605
Key Information:
- Vendor: Code-projects
- CVE Published: 1 November 2024
What is CVE-2024-10605?
A vulnerability exists in the request.php file of Blood Bank Management System 1.0 that enables cross-site request forgery (CSRF) attacks. The flaw allows unauthorized commands to be initiated on behalf of users without their consent. It can be exploited remotely, and the resulting malicious requests could jeopardize sensitive data. Because the exploit has been disclosed publicly, proactive measures are essential to safeguard the application and its users against exploitation.
Affected Version(s)
Blood Bank Management System 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.