Vulnerabilities > Purchase Order Management Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-14	CVE-2023-29621	Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server. network low complexity purchase-order-management-project CWE-434	8.8
2023-04-14	CVE-2023-29622	SQL Injection vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php. network low complexity purchase-order-management-project CWE-89 critical	9.8
2023-04-14	CVE-2023-29623	Cross-site Scripting vulnerability in Purchase Order Management Project Purchase Order Management 1.0 Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php. network low complexity purchase-order-management-project CWE-79	6.1