CVE-2022-28429
CVE-2022-28429 affects Baby Care System v1.0. The vulnerability is a SQL injection in /admin/inbox.php (parameters: action=delete&msgid=) caused by lack of validation for external input in the msgid parameter. This can allow an attacker to execute arbitrary SQL commands and potentially exfiltrate...