A SQL Injection issue in Merchandise Online Store v.1.0 allows an malicious user to log in to the admin account.
merchandise online store project merchandise online store 1.0