2 matches found
CVE-2022-28436
Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin/uesrs.php=display=Hide=...
CVE-2022-28436
Summary: CVE-2022-28436 affects Baby Care System v1.0 with a SQL injection in the admin/uesrs.php endpoint via the userid parameter (/* action=display, value=Hide /). The root cause is lack of input validation for the userid parameter, enabling SQL commands to be injected and potentially exfiltra...