RSS   Vulnerabilities for
'Purchase order management system'
   RSS

2022-04-21
 
CVE-2022-28021

CWE-434
 

 
Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user.

 
 
CVE-2022-28022

CWE-89
 

 
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item.

 
 
CVE-2022-28023

CWE-89
 

 
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier.

 
2022-01-24
 
CVE-2021-40908

CWE-89
 

 
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top