Skip to main content

Purchase Order Management System

8 CVEs product

Monthly

CVE-2024-48454 HIGH This Week

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Purchase Order Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-2293 MEDIUM POC This Month

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Purchase Order Management System
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-2130 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Purchase Order Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
4.1%
CVE-2022-44400 CRITICAL POC Act Now

Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Purchase Order Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-3503 MEDIUM POC This Month

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Purchase Order Management System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-28023 CRITICAL POC Act Now

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Purchase Order Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2022-28022 CRITICAL POC Act Now

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Purchase Order Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2022-28021 CRITICAL POC THREAT Act Now

Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Purchase Order Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
24.3%
EPSS 1% CVSS 7.2
HIGH This Week

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Purchase Order Management System
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM POC This Month

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Purchase Order Management System
NVD GitHub VulDB
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Purchase Order Management System
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Purchase Order Management System
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Purchase Order Management System
NVD GitHub VulDB
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_supplier. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Purchase Order Management System
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Purchase Order Management System
NVD GitHub
EPSS 24% CVSS 9.8
CRITICAL POC THREAT Act Now

Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Purchase Order Management System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy