Vulnerabilities > Purchase Order Management Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-14 | CVE-2023-29621 | Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. | 8.8 |
2023-04-14 | CVE-2023-29622 | SQL Injection vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php. | 9.8 |
2023-04-14 | CVE-2023-29623 | Cross-site Scripting vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php. | 6.1 |