Vulnerabilities > HHG Multistore

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-28	CVE-2021-46444	SQL Injection vulnerability in Hhg-Multistore Multistore 4.10.3/5.1.0 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&agID. network low complexity hhg-multistore CWE-89 critical	9.8
2022-01-28	CVE-2021-46445	SQL Injection vulnerability in Hhg-Multistore Multistore 4.10.3/5.1.0 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/categories.php?box_group_id. network low complexity hhg-multistore CWE-89 critical	9.8
2022-01-28	CVE-2021-46446	SQL Injection vulnerability in Hhg-Multistore Multistore 4.10.3/5.1.0 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_access_group_edit&aagID. network low complexity hhg-multistore CWE-89 critical	9.8
2022-01-28	CVE-2021-46447	Cross-site Scripting vulnerability in Hhg-Multistore Multistore 4.10.3/5.1.0 A cross-site scripting (XSS) vulnerability in H.H.G Multistore v5.1.0 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the State parameter under the Address Book module. network low complexity hhg-multistore CWE-79	5.4
2022-01-28	CVE-2021-46448	SQL Injection vulnerability in Hhg-Multistore Multistore 4.10.3/5.1.0 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/customers.php?page=1&cID. network low complexity hhg-multistore CWE-89 critical	9.8

Vulnerabilities > HHG Multistore {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"HHG Multistore"}]}

Vulnerabilities > HHG Multistore