Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-01	CVE-2022-30528	SQL Injection vulnerability in Isic.Lk Project Isic.Lk SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/mod_users/controller.php. network low complexity isic-lk-project CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.