CVE-2022-46074 - Helmet Store Showroom v1.0 Cross Site Request Forgery
Unauthenticated user able to add admin account due to missing CSRF protection at Helmet Store Showroom v1.0.
Recent posts
CVE-2022-46073 - Helmet Store Showroom v1.0 Reflected XSS
Search page at Helmet Store Showroom v1.0 does not escape the search value, which could allow non-privileged users to perform Cross-Site Scripting attacks.
CVE-2022-46072 - Helmet Store Showroom v1.0 Unauthenticated SQL Injection
Helmet Store Showroom v1.0 vulnerable to unauthenticated SQL Injection.
CVE-2022-46071 - Helmet Store Showroom v1.0 Login Page SQL Injection
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.