CVE-2022-28431
CVE-2022-28431 affects Baby Care System v1.0 with a SQL injection in /admin/siteoptions.php via the sid parameter (existing query includes social=remove&sid=2). The root cause is lack of input validation for sid, enabling attackers to craft SQL statements. Documented impacts include unauthorized ...