2 matches found
CVE-2022-30385
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggersmerch/classes/Master.php?f=deleteorder...
CVE-2022-30385
Merchandise Online Store v1.0 is affected by a SQL Injection vulnerability in the delete_order path (/vloggers_merch/classes/Master.php?f=delete_order). The issue arises from unsanitized input in the affected function, enabling SQL query manipulation. CVSS metrics indicate a high to critical impa...