Описание
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:janobe:baby_care_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00037
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74
CWE-89
Связанные уязвимости
CVSS3: 6.3
github
3 месяца назад
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
EPSS
Процентиль: 11%
0.00037
Низкий
6.3 Medium
CVSS3
9.8 Critical
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-74
CWE-89