4 matches found
CVE-2022-30398
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/?page=orders/vieworder=...
CVE-2022-30398
creationtimestamp| type| source ---|---|--- 2022-05-13 18:28:02+00:00| seen| https://t.me/cibsecurity/42657...
CVE-2022-30398
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/admin/?page=orders/vieworder&id=...
CVE-2022-30398
CVE-2022-30398 affects Merchandise Online Store v1.0 and is exposed to SQL Injection via the parameter id in /vloggers_merch/admin/?page=orders/view_order&id=. The NVD entry documents a SQLi vulnerability with a CVSS 3.1 base score of 7.2 (HIGH), showing network access, low attack complexity, no ...