Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
BloodBank Managing System 1.0: Admin Panel Cross-Site Scripting Risk
CVE-2026-5240
Summary
An attacker can inject malicious code into the BloodBank Managing System 1.0 admin panel, potentially taking control of it. This could allow them to access sensitive information, delete data, or disrupt the system's operation. Update the system as soon as possible to fix this vulnerability and prevent potential attacks.
Original title
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /admin_state.php. The manipulation of the argument statename lead...
Original description
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. This affects an unknown part of the file /admin_state.php. The manipulation of the argument statename leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
nvd CVSS2.0
5.0
nvd CVSS3.1
4.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 1 Apr 2026 · Updated: 1 Apr 2026 · First seen: 1 Apr 2026