CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Purchase Order Management Project: >> Purchase Order Management >> 1.0 Security Vulnerabilities

CVE-2023-29622

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.

CVSS Score

9.8

EPSS Score

0.165

Published

2023-04-14

CVE-2023-29623

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.

CVSS Score

6.1

EPSS Score

0.161

Published

2023-04-14

CVE-2023-29621

Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.

CVSS Score

8.8

EPSS Score

0.001

Published

2023-04-14

Page 1

Vulnerabilities

Vulnerable Software

Purchase Order Management Project: >> Purchase Order Management >> 1.0 Security Vulnerabilities

Products

Pricing

Contact Us