CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-31233
https://notcve.org/view.php?id=CVE-2021-31233
SQL Injection vulnerability found in Fighting Cock Information System v.1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter. • https://github.com/gabesolomon/CVE-2021-31233 https://www.sourcecodester.com/php/12824/fighting-cock-information-system.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39989
https://notcve.org/view.php?id=CVE-2022-39989
An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials, but does not force nor prompt the administrators to change the credentials. • https://gist.github.com/0xHop/43c4da65e0d101328a46b1bd5a11b262 https://gist.github.com/0xHop/6ed962a1978edb1bd620c9c487400403 https://www.sourcecodester.com/php/12824/fighting-cock-information-system.html • CWE-798: Use of Hard-coded Credentials •