A vulnerability described as critical has been identified in itsourcecode Online Blood Bank Management System 1.0 . Impacted is an unknown function of the file /admin/viewrequest.php . Such manipulation of the argument ID leads to sql injection. This vulnerability is documented as CVE-2026-10249 . The attack can be executed remotely. Additionally, an exploit exists.