Vendor CVEs
Janobe
All CVEs
155 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25780 | 0.00 | — | 0.02 | Feb 17, 2021 | An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell. | |||
| CVE-2021-25779 | 0.00 | — | 0.01 | Feb 17, 2021 | Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page. | |||
| CVE-2020-36003 | 0.00 | — | 0.01 | Feb 17, 2021 | The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases. | |||
| CVE-2020-28183 | 0.00 | — | 0.03 | Nov 17, 2020 | SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php. | |||
| CVE-2020-24115 | 0.00 | — | 0.02 | Aug 31, 2020 | In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access. |
- CVE-2021-25780Feb 17, 2021risk 0.00cvss —epss 0.02
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell.
- CVE-2021-25779Feb 17, 2021risk 0.00cvss —epss 0.01
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
- CVE-2020-36003Feb 17, 2021risk 0.00cvss —epss 0.01
The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads to the ability to retrieve all databases.
- CVE-2020-28183Nov 17, 2020risk 0.00cvss —epss 0.03
SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php.
- CVE-2020-24115Aug 31, 2020risk 0.00cvss —epss 0.02
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to admin panel access.
Page 4 of 4