CVE-2022-34972 Information

Description

So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the att_value_id manu_value_id opt_value_id and subcate_value_id parameters at /index.php?route=extension/module/so_filter_shop_by/filter_data.

Reference

https://packetstormsecurity.com/files/167605/OpenCart-3.x-So-Filter-Shop-By-SQL-Injection.html