CVE-2025-12932
MEDIUMSourceCodester Baby Care System 1.0 - SQL Injection
Title source: llmDescription
A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is some unknown functionality of the file /admin.php?id=inbox. This manipulation of the argument msgid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
References (5)
Scores
CVSS v3
4.7
EPSS
0.0003
EPSS Percentile
10.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Classification
CWE
CWE-74
CWE-89
Status
published
Affected Products (1)
janobe/baby_care_system
Timeline
Published
Nov 10, 2025
Tracked Since
Feb 18, 2026