Vulnerabilities > Isic LK Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-01	CVE-2022-28607	Unspecified vulnerability in Isic.Lk Project Isic.Lk An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/mod_users/controller.php. network low complexity isic-lk-project	7.5
2022-12-01	CVE-2022-30528	SQL Injection vulnerability in Isic.Lk Project Isic.Lk SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/mod_users/controller.php. network low complexity isic-lk-project CWE-89 critical	9.8
2022-11-22	CVE-2022-30529	Unrestricted Upload of File with Dangerous Type vulnerability in Isic.Lk Project Isic.Lk File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php. network low complexity isic-lk-project CWE-434	7.2

Vulnerabilities > Isic LK Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Isic LK Project"}]}