Shodan
Vulnerabilities
Vulnerable Software
Merchandise Online Store Project:  >> Merchandise Online Store  Security Vulnerabilities
CVE-2022-42237
A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-17
CVE-2022-42236
A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-10-11
CVE-2022-42238
A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get access to the admin dashboard.
CVSS Score
8.8
EPSS Score
0.001
Published
2022-10-11
CVE-2022-30423
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
CVSS Score
9.8
EPSS Score
0.01
Published
2022-06-02
CVE-2022-30454
Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-24
CVE-2022-30381
Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-05-13
CVE-2022-30384
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-13
CVE-2022-30385
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-13
CVE-2022-30386
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-13
CVE-2022-30387
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved