CVE-2022-28444
UCMS v1.6 was discovered to contain an arbitrary file read vulnerability. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/UCMS-1.6/Arbitrary-file-reading-1.md
Monthly Archive: April 2022
CVE-2022-28443
UCMS v1.6 was discovered to contain an arbitrary file deletion vulnerability. Date published : 2022-04-21 https://github.com/k0xx11
CVE-2022-28440
An arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/UCMS-1.6/UCMS-RCE1.md
CVE-2022-28439
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&&action=delete&userid=4. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-19.md
CVE-2022-28438
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=User&userid=. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-20.md
CVE-2022-28437
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=type&userrole=Admin&userid=3. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-18.md
CVE-2022-28436
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Hide&userid=. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-17.md
CVE-2022-28435
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&action=displaygoal&value=1&roleid=1. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-15.md
CVE-2022-28434
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2. Date published : 2022-04-21 https://github.com/k0xx11
CVE-2022-28433
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php&action=display&value=Show&userid=. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-16.md
CVE-2022-28432
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=display&value=0&sid=2. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-13.md
CVE-2022-28431
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/siteoptions.php&social=remove&sid=2. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-12.md
CVE-2022-28429
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=delete&msgid=. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-10.md
CVE-2022-28427
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/inbox.php&action=read&msgid=. Date published : 2022-04-21 https://github.com/k0xx11/bug_report/blob/main/vendors/janobe/baby-care-system/SQLi-9.md