Vulnerability CVE-2022-28607
Published: 2022-12-01

Description:
An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/mod_users/controller.php.

 References:
https://github.com/killmonday/isic.lk-RCE
Copyright 2026, cxsecurity.com

 

Back to Top