Vulnerabilities > Baby Care System Project > Baby Care System > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-21 CVE-2022-28432 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28433 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28434 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28435 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28436 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28437 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28438 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=.
network
low complexity
baby-care-system-project CWE-89
7.5
2022-04-21 CVE-2022-28439 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4.
network
low complexity
baby-care-system-project CWE-89
7.5
2021-02-17 CVE-2021-25779 SQL Injection vulnerability in Baby Care System Project Baby Care System 1.0
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
network
low complexity
baby-care-system-project CWE-89
7.5