CVE-2022-46071
CRITICAL NUCLEIHelmet Store Showroom v1.0 - SQL Injection
Title source: llmExploitation Summary
CVE-2022-46071 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access.
Nuclei Templates (1)
Helmet Store Showroom v1.0 - SQL Injection
CRITICALVERIFIEDby Harsh
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://www.youtube.com/watch?v=5wit1Arzwxs&feature=youtu.be
Exploit, Third Party Advisory
https://yuyudhn.github.io/CVE-2022-46071/
Scores
CVSS v3
9.8
EPSS
0.0431
EPSS Percentile
89.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-89
Status
published
Products (1)
helmet_store_showroom_site_project/helmet_store_showroom_site
1.0
Published
Dec 14, 2022
Tracked Since
Feb 18, 2026