2 matches found
CVE-2022-46124
Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manageuser=...
CVE-2022-46124
Affected software: Helmet Store Showroom Site v1.0. The vulnerability is a SQL Injection in the admin endpoint at /hss/admin/?page=user/manage_user&id= (or similar). Root cause: untrusted input in the id parameter allows manipulation of database queries, with high impact on confidentiality, integ...