A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.Referenceshttps://github.com/draco1725/sqlinj/blob/main/poc
