Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Barangay Management System Project Subscribe
Filtered by product Barangay Management System
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43228 1 Barangay Management System Project 1 Barangay Management System 2022-10-28 N/A 7.2 HIGH
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /clearance/clearance.php.
CVE-2022-35175 1 Barangay Management System Project 1 Barangay Management System 2022-08-18 N/A 9.8 CRITICAL
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /blotter/blotter.php.
CVE-2022-34120 1 Barangay Management System Project 1 Barangay Management System 2022-08-04 N/A 7.2 HIGH
Barangay Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the module editing function at /pages/activity/activity.php.
CVE-2022-34557 1 Barangay Management System Project 1 Barangay Management System 2022-08-04 N/A 8.8 HIGH
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/permit/permit.php.
CVE-2022-34042 1 Barangay Management System Project 1 Barangay Management System 2022-07-27 N/A 7.2 HIGH
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/household/household.php.
CVE-2022-34024 1 Barangay Management System Project 1 Barangay Management System 2022-07-24 N/A 7.2 HIGH
Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php.
CVE-2022-34023 1 Barangay Management System Project 1 Barangay Management System 2022-07-24 N/A 9.8 CRITICAL
Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /officials/officials.php.