An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/mod_users/controller.php.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/killmonday/isic.lk-RCE |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-12-01T00:00:00
Updated: 2024-08-03T05:56:16.102Z
Reserved: 2022-04-04T00:00:00
Link: CVE-2022-28607
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-01T13:15:10.183
Modified: 2022-12-05T18:30:15.020
Link: CVE-2022-28607
Redhat
No data.