Key Information 1. Vulnerability ID: - VDB-281958 - CVE-2024-10417 2. Vulnerability Name: - Code-Projects Blood Bank Management System 1.0 /file/delete.php BID SQL Injection 3. CVSS Meta Temp Score: - 6.0 4. Current Exploit Price: - $0-$5k 5. CTI Interest Score: - 2.11 6. Vulnerability Description: - An unknown code block was discovered in the file . Manipulation of the parameter via unknown input leads to an SQL injection vulnerability. CWE classifies this issue as CWE-89. The product constructs SQL commands using external influence input, but fails to properly neutralize or sanitize special elements that could alter downstream SQL commands. This impacts confidentiality, integrity, and availability. 7. Vulnerability Impact: - Affects Code-Projects Blood Bank Management System 1.0. - Affects an unknown function within the unknown file. - Vulnerability allows remote exploitation. 8. Vulnerability Disclosure: - Publicly disclosed. - Potentially exploitable. 9. Vulnerability Exploitation: - Targets can be identified by searching for . - The vulnerability is tagged by MITRE ATT&CK as T1505. 10. Recommended Actions: - Replace affected components. - Refer to similar entries such as VDB-50182, VDB-56199, VDB-58940, and VDB-83293. Summary This vulnerability is an SQL injection flaw affecting the file in Code-Projects Blood Bank Management System 1.0. It can be exploited remotely and has been publicly disclosed. It is recommended to replace affected components to mitigate further security risks.