Vulnerabilities > Purchase Order Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-25 | CVE-2023-2293 | Cross-site Scripting vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 A vulnerability was found in SourceCodester Purchase Order Management System 1.0. | 4.8 |
| 2023-04-17 | CVE-2023-2130 | SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. | 9.8 |
| 2022-11-28 | CVE-2022-44400 | Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info. | 9.8 |
| 2022-10-14 | CVE-2022-3503 | Improper Enforcement of Message or Data Structure vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 A vulnerability was found in SourceCodester Purchase Order Management System 1.0. | 5.4 |
| 2022-04-21 | CVE-2022-28021 | Unrestricted Upload of File with Dangerous Type vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user. | 9.8 |
| 2022-04-21 | CVE-2022-28022 | SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item. | 9.8 |
| 2022-04-21 | CVE-2022-28023 | SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier. | 9.8 |
| 2022-01-24 | CVE-2021-40908 | SQL Injection vulnerability in Purchase Order Management System Project Purchase Order Management System 1.0 SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter. | 9.8 |