CVE-2024-10448

A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.php. The manipulation of the argument bid leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other endpoints might be affected as well.

More information : https://vuldb.com/?id.282008

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : REQUIRED
Confidentiality impact : NONE
Integrity impact : HIGH
Base score : 6.5
Base severity : MEDIUM
Exploitability score : 2.8
Impact score : 3.6