Janobe: Security Vulnerabilities
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-21
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-21
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-21
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-21
Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-03-10
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
CVSS Score
9.8
EPSS Score
0.003
Published
2021-02-17
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.
CVSS Score
7.2
EPSS Score
0.04
Published
2021-02-17
Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). This vulnerability can result in an attacker injecting the XSS payload in the User Registration section. When an admin visits the View Detail of Application section from the admin panel, the attacker can able to steal the cookie according to the crafted payload.
CVSS Score
6.1
EPSS Score
0.001
Published
2020-12-02
Page 16