Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Merchandise Online Store Project Subscribe
Total 20 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42237 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-10-19 N/A 9.8 CRITICAL
A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.
CVE-2022-42236 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-10-11 N/A 5.4 MEDIUM
A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form.
CVE-2022-42238 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-10-11 N/A 8.8 HIGH
A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get access to the admin dashboard.
CVE-2022-30423 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-06-09 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
CVE-2022-30454 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-28 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.
CVE-2022-30401 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=.
CVE-2022-30400 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=.
CVE-2022-30399 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=.
CVE-2022-30398 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=.
CVE-2022-30396 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=.
CVE-2022-30395 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart.
CVE-2022-30393 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=.
CVE-2022-30392 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category.
CVE-2022-30387 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order.
CVE-2022-30402 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 6.5 MEDIUM 7.2 HIGH
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=.
CVE-2022-30391 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category.
CVE-2022-30385 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order.
CVE-2022-30386 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured.
CVE-2022-30384 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 7.5 HIGH 9.8 CRITICAL
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory.
CVE-2022-30381 1 Merchandise Online Store Project 1 Merchandise Online Store 2022-05-23 5.5 MEDIUM 6.5 MEDIUM
Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img.