MidnightBSD

Advisories for helmet_store_showroom_site_project

CVE-2022-46071

There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46117

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=view_product&id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46118

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=product_per_brand&bid=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46119

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/?page=categories&c=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46120

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/view_product&id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46121

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=products/manage_product&id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46122

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/view_category.php?id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46123

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/categories/manage_category.php?id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46124

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=user/manage_user&id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46125

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/?page=client/manage_client&id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46126

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/admin/brands/manage_brand.php?id=.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46127

Helmet Store Showroom Site v1.0 is vulnerable to SQL Injection via /hss/classes/Master.php?f=delete_product.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46472

Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /hss/classes/Users.php?f=delete.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46946

Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_brand.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46947

Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0
CVE-2022-46949

Helmet Store Showroom Site v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_helmet.

Products Affected

Vendor Product Version
helmet_store_showroom_site_project helmet_store_showroom_site 1.0