Baby-Care-System
Baby Care System in PHP/MySQLi with Full Source Code The Baby Care System is a web based system that is made up of PHP, JavaScript, CSS and MySQL for the database.
Exploit Title:Baby-Care-System 1.0 —— Arbitrary file upload vulnerability
Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html
Software Link: https://www.sourcecodester.com/download-code?nid=14622&title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+
Vulnerability Type:
File upload
Vulnerability Version :
V 1.0
Recurring environment:
Windows 10
Vulnerability Description AND recurrence:
The vulnerability is in the \BabyCare-master\admin\posts.php file,where there is no suffix to verify the uploaded file.

You can access our Webshell in the root directory

Exploit Title:Baby-Care-System 1.0 —— 'id' SQL Injection vulnerability
Vendor Homepage: https://www.sourcecodester.com/php/14622/baby-care-system-phpmysqli-full-source-code.html
Software Link: https://www.sourcecodester.com/download-code?nid=14622&title=Baby+Care+System+in+PHP%2FMySQLi+with+Full+Source+Code+
Vulnerability Type:
SQL Injection
Vulnerability Version :
V 1.0
Recurring environment:
Windows 10
Vulnerability Description AND recurrence:
The vulnerability is in the \BabyCare-master\inc\contentsectionpage.php

use SQL Map


