A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
History

Mon, 29 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 29 Jun 2026 08:45:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
Title itsourcecode Baptism Information Management System editBaptism.php sql injection
First Time appeared Itsourcecode
Itsourcecode baptism Information Management System
Weaknesses CWE-74
CWE-89
CPEs cpe:2.3:a:itsourcecode:baptism_information_management_system:*:*:*:*:*:*:*:*
Vendors & Products Itsourcecode
Itsourcecode baptism Information Management System
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-06-29T08:30:08.169Z

Updated: 2026-06-29T14:52:28.374Z

Reserved: 2026-06-28T11:03:54.322Z

Link: CVE-2026-13551

cve-icon Vulnrichment

Updated: 2026-06-29T13:36:35.274Z

cve-icon NVD

No data.

cve-icon Redhat

No data.