Filtered by vendor Merchandise Online Store Project
Subscribe
Total
20 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42238 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | N/A | 8.8 HIGH |
| A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get access to the admin dashboard. | |||||
| CVE-2022-42237 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | N/A | 9.8 CRITICAL |
| A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account. | |||||
| CVE-2022-42236 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | N/A | 5.4 MEDIUM |
| A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form. | |||||
| CVE-2022-30454 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product. | |||||
| CVE-2022-30423 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information. | |||||
| CVE-2022-30402 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | |||||
| CVE-2022-30401 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=. | |||||
| CVE-2022-30400 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | |||||
| CVE-2022-30399 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=. | |||||
| CVE-2022-30398 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=. | |||||
| CVE-2022-30396 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | |||||
| CVE-2022-30395 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart. | |||||
| CVE-2022-30393 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | |||||
| CVE-2022-30392 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. | |||||
| CVE-2022-30391 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. | |||||
| CVE-2022-30387 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order. | |||||
| CVE-2022-30386 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. | |||||
| CVE-2022-30385 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order. | |||||
| CVE-2022-30384 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory. | |||||
| CVE-2022-30381 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img. | |||||