VYPR

Baby Care System

by Janobe

CVEs (15)

  • CVE-2025-12933MedNov 10, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is…

  • CVE-2025-12932MedNov 10, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been…

  • CVE-2022-28420Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via BabyCare/admin.php?id=theme&setid=.

  • CVE-2022-28423Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&action=delete.

  • CVE-2022-28424Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/posts.php&find=.

  • CVE-2022-28431Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&social=remove&sid=2.

  • CVE-2022-28432Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2.

  • CVE-2022-28433Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=.

  • CVE-2022-28434Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2.

  • CVE-2022-28435Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1.

  • CVE-2022-28437Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3.

  • CVE-2022-28439Apr 21, 2022
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4.

  • CVE-2020-35752Mar 10, 2021
    risk 0.00cvss epss 0.01

    Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter.

  • CVE-2021-25780Feb 17, 2021
    risk 0.00cvss epss 0.02

    An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.

  • CVE-2021-25779Feb 17, 2021
    risk 0.00cvss epss 0.01

    Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.