cbcvebase.

Barangay Management System Project Barangay Management System vulnerabilities

9 known vulnerabilities affecting barangay_management_system_project/barangay_management_system.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH5MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2022-34120P3HIGHCVSS 7.2v1.02022-07-27
CVE-2022-34120 [HIGH] CWE-434 CVE-2022-34120: Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerabilit Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the module editing function at /pages/activity/activity.php.
nvd
CVE-2022-34557P3HIGHCVSS 8.8v1.02022-07-28
CVE-2022-34557 [HIGH] CWE-89 CVE-2022-34557: Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidd Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php.
nvd
CVE-2022-35175P3CRITICALCVSS 9.8v1.02022-08-18
CVE-2022-35175 [CRITICAL] CWE-89 CVE-2022-35175: Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidd Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php.
nvd
CVE-2022-34023P3CRITICALCVSS 9.8v1.02022-07-19
CVE-2022-34023 [CRITICAL] CWE-89 CVE-2022-34023: Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidd Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php.
nvd
CVE-2022-34024P3HIGHCVSS 7.2v1.02022-07-19
CVE-2022-34024 [HIGH] CWE-434 CVE-2022-34024: Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php.
nvd
CVE-2022-43228P4HIGHCVSS 7.2v1.02022-10-28
CVE-2022-43228 [HIGH] CWE-89 CVE-2022-43228: Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidd Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /clearance/clearance.php.
nvd
CVE-2022-34042P4HIGHCVSS 7.2v1.02022-07-20
CVE-2022-34042 [HIGH] CWE-89 CVE-2022-34042: Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidd Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/household/household.php.
nvd
CVE-2024-25208P4MEDIUMCVSS 5.4v1.02024-02-14
CVE-2024-25208 [MEDIUM] CWE-79 CVE-2024-25208: Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting (XSS) vu Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name parameter.
nvd
CVE-2024-25207P4MEDIUMCVSS 5.4v1.02024-02-14
CVE-2024-25207 [MEDIUM] CWE-79 CVE-2024-25207: Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting (XSS) vu Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Contact Number parameter.
nvd
Barangay Management System Project Barangay Management System vulnerabilities | cvebase