3 matches found
WordPress Paid Memberships Pro plugin <= 2.12.7 - Cross-Site Request Forgery to Level Orders Update vulnerability
Cross-Site Request Forgery to Level Orders Update vulnerability discovered by kodaichodai in WordPress Plugin Paid Memberships Pro versions = 2.12.7...
CVE-2022-44348
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/updatestatus.php?id=...
PT-2023-18498 · Sourcecodester · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A critical issue affects the component GET Parameter Handler in the file /admin/orders/update status.php. The manipulation of the id argument leads to sql injection, allowing remote...