A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.
CWE-89
CVE-2022-42241
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message.
CVE-2022-42242
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking.
CVE-2022-42243
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=.
CVE-2022-42245
Dreamer CMS 4.0.01 is vulnerable to SQL Injection.
CVE-2022-42249
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=.