Vulnerabilites related to baby_care_system_project - baby_care_system
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=display\u0026value=Hide\u0026userid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/uesrs.php\u0026amp;action=display\u0026amp;value=Hide\u0026amp;userid="
}
],
"id": "CVE-2022-28436",
"lastModified": "2024-11-21T06:57:20.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=display\u0026value=Show\u0026userid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/uesrs.php\u0026amp;action=display\u0026amp;value=Show\u0026amp;userid="
}
],
"id": "CVE-2022-28433",
"lastModified": "2024-11-21T06:57:20.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts&action=display&value=1&postid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts\u0026action=display\u0026value=1\u0026postid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin.php?id=posts\u0026amp;action=display\u0026amp;value=1\u0026amp;postid="
}
],
"id": "CVE-2022-28421",
"lastModified": "2024-11-21T06:57:18.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=delete&msgid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php\u0026action=delete\u0026msgid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/inbox.php\u0026amp;action=delete\u0026amp;msgid="
}
],
"id": "CVE-2022-28429",
"lastModified": "2024-11-21T06:57:19.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.700",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=read&msgid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php\u0026action=read\u0026msgid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/inbox.php\u0026amp;action=read\u0026amp;msgid="
}
],
"id": "CVE-2022-28427",
"lastModified": "2024-11-21T06:57:19.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme&setid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme\u0026setid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de BabyCare/admin.php?id=theme\u0026amp;setid="
}
],
"id": "CVE-2022-28420",
"lastModified": "2024-11-21T06:57:18.823",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php\u0026action=displaygoal\u0026value=1\u0026roleid=1."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/siteoptions.php\u0026amp;action=displaygoal\u0026amp;value=1\u0026amp;roleid=1"
}
],
"id": "CVE-2022-28435",
"lastModified": "2024-11-21T06:57:20.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.913",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&social=remove&sid=2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php\u0026social=remove\u0026sid=2."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/siteoptions.php\u0026amp;social=remove\u0026amp;sid=2"
}
],
"id": "CVE-2022-28431",
"lastModified": "2024-11-21T06:57:20.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.743",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-17 15:15
Modified
2024-11-21 05:55
Severity ?
Summary
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/TCSWT/Baby-Care-System/blob/main/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/TCSWT/Baby-Care-System/blob/main/README.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad de carga de archivos arbitraria en el archivo posts.php en Baby Care System versi\u00f3n 1.0.\u0026#xa0;La vulnerabilidad podr\u00eda ser explotada por un atacante remoto para cargar contenido en el servidor, incluyendo archivos PHP, lo que podr\u00eda resultar en una ejecuci\u00f3n de comandos y obtenci\u00f3n de un shell"
}
],
"id": "CVE-2021-25780",
"lastModified": "2024-11-21T05:55:26.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-17T15:15:13.423",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=type\u0026userrole=User\u0026userid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/uesrs.php\u0026amp;action=type\u0026amp;userrole=User\u0026amp;userid="
}
],
"id": "CVE-2022-28438",
"lastModified": "2024-11-21T06:57:21.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:11.043",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11 | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11 | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions\u0026social=edit\u0026sid=2."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin.php?id=siteoptions\u0026amp;social=edit\u0026amp;sid=2"
}
],
"id": "CVE-2022-28434",
"lastModified": "2024-11-21T06:57:20.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.870",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://github.com/k0xx11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://github.com/k0xx11"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=edit&roleid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php\u0026action=edit\u0026roleid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/pagerole.php\u0026amp;action=edit\u0026amp;roleid="
}
],
"id": "CVE-2022-28426",
"lastModified": "2024-11-21T06:57:19.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-10 15:15
Modified
2024-11-21 05:28
Severity ?
Summary
Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter."
},
{
"lang": "es",
"value": "Baby Care System versi\u00f3n 1.0, est\u00e1 afectado por una vulnerabilidad de tipo cross-site scripting (XSS) en la pesta\u00f1a Edit Page por medio del par\u00e1metro Post title"
}
],
"id": "CVE-2020-35752",
"lastModified": "2024-11-21T05:28:00.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-10T15:15:12.430",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/49358"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.sourcecodester.com/download-code?nid=14622\u0026title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/49358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.sourcecodester.com/download-code?nid=14622\u0026title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions\u0026social=display\u0026value=0\u0026sid=2."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin.php?id=siteoptions\u0026amp;social=display\u0026amp;value=0\u0026amp;sid=2"
}
],
"id": "CVE-2022-28432",
"lastModified": "2024-11-21T06:57:20.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.787",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=display&value=1&roleid=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php\u0026action=display\u0026value=1\u0026roleid=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/pagerole.php\u0026amp;action=display\u0026amp;value=1\u0026amp;roleid="
}
],
"id": "CVE-2022-28425",
"lastModified": "2024-11-21T06:57:19.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.573",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=type\u0026userrole=Admin\u0026userid=3."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/uesrs.php\u0026amp;action=type\u0026amp;userrole=Admin\u0026amp;userid=3"
}
],
"id": "CVE-2022-28437",
"lastModified": "2024-11-21T06:57:21.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.997",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026\u0026action=delete\u0026userid=4."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/uesrs.php\u0026amp;\u0026amp;action=delete\u0026amp;userid=4"
}
],
"id": "CVE-2022-28439",
"lastModified": "2024-11-21T06:57:21.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:11.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026find=."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/posts.php\u0026amp;find="
}
],
"id": "CVE-2022-28424",
"lastModified": "2024-11-21T06:57:19.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.533",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026action=edit."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/posts.php\u0026amp;action=edit"
}
],
"id": "CVE-2022-28422",
"lastModified": "2024-11-21T06:57:19.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.450",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 20:15
Modified
2024-11-21 06:57
Severity ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=delete.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026action=delete."
},
{
"lang": "es",
"value": "Se ha detectado que Baby Care System versi\u00f3n v1.0, contiene una vulnerabilidad de inyecci\u00f3n SQL por medio de /admin/posts.php\u0026amp;action=delete"
}
],
"id": "CVE-2022-28423",
"lastModified": "2024-11-21T06:57:19.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T20:15:10.490",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-17 15:15
Modified
2024-11-21 05:55
Severity ?
Summary
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/TCSWT/Baby-Care-System/blob/main/README.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/TCSWT/Baby-Care-System/blob/main/README.md | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| baby_care_system_project | baby_care_system | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6EED4DC7-F56D-4839-B0A0-AFAC14C21DD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 is vulnerable to SQL injection via the \u0027id\u0027 parameter on the contentsectionpage.php page."
},
{
"lang": "es",
"value": "Baby Care System versi\u00f3n v1.0, es vulnerable a una inyecci\u00f3n de SQL por medio del par\u00e1metro \"id\" en la p\u00e1gina contentsectionpage.php"
}
],
"id": "CVE-2021-25779",
"lastModified": "2024-11-21T05:55:26.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-17T15:15:13.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-28434
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions\u0026social=edit\u0026sid=2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions\u0026social=edit\u0026sid=2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11",
"refsource": "MISC",
"url": "https://github.com/k0xx11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28434",
"datePublished": "2022-04-21T19:04:56",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28429
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=delete&msgid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php\u0026action=delete\u0026msgid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:59",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php\u0026action=delete\u0026msgid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28429",
"datePublished": "2022-04-21T19:04:59",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28435
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php\u0026action=displaygoal\u0026value=1\u0026roleid=1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php\u0026action=displaygoal\u0026value=1\u0026roleid=1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28435",
"datePublished": "2022-04-21T19:04:55",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28431
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&social=remove&sid=2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php\u0026social=remove\u0026sid=2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php\u0026social=remove\u0026sid=2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28431",
"datePublished": "2022-04-21T19:04:57",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25780
Vulnerability from cvelistv5
Published
2021-02-17 14:32
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/TCSWT/Baby-Care-System/blob/main/README.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:28.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-17T14:32:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-25780",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md",
"refsource": "MISC",
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-25780",
"datePublished": "2021-02-17T14:32:39",
"dateReserved": "2021-01-22T00:00:00",
"dateUpdated": "2024-08-03T20:11:28.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28425
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=display&value=1&roleid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php\u0026action=display\u0026value=1\u0026roleid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php\u0026action=display\u0026value=1\u0026roleid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-6.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28425",
"datePublished": "2022-04-21T19:05:02",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28432
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions\u0026social=display\u0026value=0\u0026sid=2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions\u0026social=display\u0026value=0\u0026sid=2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28432",
"datePublished": "2022-04-21T19:04:57",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28437
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=type\u0026userrole=Admin\u0026userid=3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=type\u0026userrole=Admin\u0026userid=3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28437",
"datePublished": "2022-04-21T19:04:54",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28422
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=edit.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026action=edit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026action=edit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-3.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28422",
"datePublished": "2022-04-21T19:05:04",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28426
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php&action=edit&roleid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php\u0026action=edit\u0026roleid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/pagerole.php\u0026action=edit\u0026roleid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-7.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28426",
"datePublished": "2022-04-21T19:05:07",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28420
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme&setid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme\u0026setid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme\u0026setid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-1.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28420",
"datePublished": "2022-04-21T19:05:06",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28439
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026\u0026action=delete\u0026userid=4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026\u0026action=delete\u0026userid=4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28439",
"datePublished": "2022-04-21T19:04:52",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28436
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=display\u0026value=Hide\u0026userid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=display\u0026value=Hide\u0026userid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28436",
"datePublished": "2022-04-21T19:04:54",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28423
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=delete.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026action=delete."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026action=delete."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-4.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28423",
"datePublished": "2022-04-21T19:05:04",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25779
Vulnerability from cvelistv5
Published
2021-02-17 14:32
Modified
2024-08-03 20:11
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/TCSWT/Baby-Care-System/blob/main/README.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:28.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 is vulnerable to SQL injection via the \u0027id\u0027 parameter on the contentsectionpage.php page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-17T14:32:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-25779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 is vulnerable to SQL injection via the \u0027id\u0027 parameter on the contentsectionpage.php page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md",
"refsource": "MISC",
"url": "https://github.com/TCSWT/Baby-Care-System/blob/main/README.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-25779",
"datePublished": "2021-02-17T14:32:32",
"dateReserved": "2021-01-22T00:00:00",
"dateUpdated": "2024-08-03T20:11:28.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28438
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=type\u0026userrole=User\u0026userid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:53",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=type\u0026userrole=User\u0026userid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28438",
"datePublished": "2022-04-21T19:04:53",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28433
Vulnerability from cvelistv5
Published
2022-04-21 19:04
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=display\u0026value=Show\u0026userid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:04:56",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php\u0026action=display\u0026value=Show\u0026userid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28433",
"datePublished": "2022-04-21T19:04:56",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28424
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026find=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php\u0026find=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-5.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28424",
"datePublished": "2022-04-21T19:05:03",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28427
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=read&msgid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php\u0026action=read\u0026msgid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php\u0026action=read\u0026msgid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28427",
"datePublished": "2022-04-21T19:05:01",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28421
Vulnerability from cvelistv5
Published
2022-04-21 19:05
Modified
2024-08-03 05:56
Severity ?
EPSS score ?
Summary
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts&action=display&value=1&postid=.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:56:15.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts\u0026action=display\u0026value=1\u0026postid=."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T19:05:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-28421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=posts\u0026action=display\u0026value=1\u0026postid=."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md",
"refsource": "MISC",
"url": "https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-2.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28421",
"datePublished": "2022-04-21T19:05:05",
"dateReserved": "2022-04-04T00:00:00",
"dateUpdated": "2024-08-03T05:56:15.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-35752
Vulnerability from cvelistv5
Published
2021-03-10 14:15
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:09:15.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sourcecodester.com/download-code?nid=14622\u0026title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/49358"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-10T14:15:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sourcecodester.com/download-code?nid=14622\u0026title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.exploit-db.com/exploits/49358"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sourcecodester.com/download-code?nid=14622\u0026title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+",
"refsource": "MISC",
"url": "https://www.sourcecodester.com/download-code?nid=14622\u0026title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+"
},
{
"name": "https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html",
"refsource": "MISC",
"url": "https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html"
},
{
"name": "https://www.exploit-db.com/exploits/49358",
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/49358"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35752",
"datePublished": "2021-03-10T14:15:25",
"dateReserved": "2020-12-28T00:00:00",
"dateUpdated": "2024-08-04T17:09:15.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}