CVE-2022-30387

CVE-2022-30387

EPSS 0.9%

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=pay_order.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-3.md.