2 matches found
CVE-2022-40934
Online Pet Shop We App v1.0 is vulnerable to SQL injection via /petshop/classes/Master.php?f=deletesubcategory,id...
CVE-2022-40934
CVE-2022-40934 concerns Online Pet Shop We App v1.0 , with a reported SQL injection in the endpoint /pet_shop/classes/Master.php?f=delete_sub_category,id. The root cause is a lack of input validation/external SQL statement handling in the page parameter handling, enabling attackers to craft input...