Vulnerabilities > Purchase Order Management System Project

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-2293 Unspecified vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
A vulnerability was found in SourceCodester Purchase Order Management System 1.0.
4.8
2023-04-17 CVE-2023-2130 Unspecified vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0.
network
low complexity
purchase-order-management-system-project
critical
9.8
2022-11-28 CVE-2022-44400 Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info.
network
low complexity
purchase-order-management-system-project CWE-434
critical
9.8
2022-10-14 CVE-2022-3503 Unspecified vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
A vulnerability was found in SourceCodester Purchase Order Management System 1.0.
5.4
2022-04-21 CVE-2022-28021 Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user.
network
low complexity
purchase-order-management-system-project CWE-434
critical
9.8
2022-04-21 CVE-2022-28022 SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item.
network
low complexity
purchase-order-management-system-project CWE-89
critical
9.8
2022-04-21 CVE-2022-28023 SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier.
network
low complexity
purchase-order-management-system-project CWE-89
critical
9.8
2022-01-24 CVE-2021-40908 SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.
network
low complexity
purchase-order-management-system-project CWE-89
critical
9.8