VYPR
Vendor

Babygekko

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2012-5699Jan 23, 2020
    risk 0.04cvss epss 0.05

    BabyGekko before 1.2.4 allows PHP file inclusion.

  • CVE-2012-5698Jan 23, 2020
    risk 0.03cvss epss 0.02

    BabyGekko before 1.2.4 has SQL injection.

  • CVE-2012-5700Sep 22, 2014
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.2f allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to admin/index.php or the (2) username or (3) password parameter in blocks/loginbox/loginbox.template.php to…

  • CVE-2012-3838Jul 3, 2012
    risk 0.03cvss epss 0.03

    Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.

  • CVE-2012-3837Jul 3, 2012
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5) firstname,…

  • CVE-2012-3836Jul 3, 2012
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the users module; (2) virtual_filename, (3) branch, (4) contact_person, (5) street,…