merchandise online store project

Web & CMS Pluginsoss-project

Cumulative CVEs

Monthly snapshots

#47

Peak rank

Trend history

Full timeline

Top products

merchandise online store3

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting merchandise online store project.

CVE-2022-42237A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.9.8Oct 17, 2022
CVE-2022-42238A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get access to the admin dashboard.8.8Oct 11, 2022
CVE-2022-42236A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form.5.4Oct 11, 2022
CVE-2022-30423Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.9.8May 27, 2022
CVE-2022-30454Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.9.8May 24, 2022
CVE-2022-30381Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img.6.5May 13, 2022
CVE-2022-30384Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory.9.8May 13, 2022
CVE-2022-30385Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_order.9.8May 13, 2022
CVE-2022-30386Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured.9.8May 13, 2022
CVE-2022-30387Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order.9.8May 13, 2022
CVE-2022-30391Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category.9.8May 13, 2022
CVE-2022-30392Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category.9.8May 13, 2022
CVE-2022-30393Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=product/manage_product&id=.7.2May 13, 2022
CVE-2022-30395Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart.9.8May 13, 2022
CVE-2022-30396Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=.7.2May 13, 2022