Lucene search

[email protected]NVD:CVE-2020-35752

HistoryMar 10, 2021 - 3:15 p.m.

CVE-2020-35752

2021-03-1015:15:12

CWE-79

[email protected]

web.nvd.nist.gov

baby care system

xss vulnerability

edit page tab

post title parameter

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.7%

JSON

Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulnerability in the Edit Page tab through the Post title parameter.

Affected configurations

Nvd

Node

baby_care_system_projectbaby_care_systemMatch1.0

VendorProductVersionCPE
baby_care_system_projectbaby_care_system1.0cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
baby_care_system_project	baby_care_system	1.0	cpe:2.3:a:baby_care_system_project:baby_care_system:1.0:::::::*

References

www.exploit-db.com/exploits/49358

www.sourcecodester.com/download-code?nid=14622&title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+

www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

47.7%

JSON

Related for NVD:CVE-2020-35752

cvelist1 cve1 prion1