Merchandise Online Store
by Oretnom23
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-30423 | 0.00 | — | 0.02 | May 27, 2022 | Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information. | |||
| CVE-2022-30386 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured. | |||
| CVE-2022-30391 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category. | |||
| CVE-2022-30392 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category. | |||
| CVE-2022-30393 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=. | |||
| CVE-2022-30396 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=. | |||
| CVE-2022-30400 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=. | |||
| CVE-2022-30402 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=. | |||
| CVE-2022-30403 | 0.00 | — | 0.01 | May 13, 2022 | Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=. |
- CVE-2022-30423May 27, 2022risk 0.00cvss —epss 0.02
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
- CVE-2022-30386May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured.
- CVE-2022-30391May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category.
- CVE-2022-30392May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category.
- CVE-2022-30393May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=.
- CVE-2022-30396May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=.
- CVE-2022-30400May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=.
- CVE-2022-30402May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=.
- CVE-2022-30403May 13, 2022risk 0.00cvss —epss 0.01
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=.