CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

88 matches found

Nuclei•added yesterday•21 views

Purchase Order Management v1.0 - SQL Injection

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS6.5AI score0.73794EPSS

Exploits1References5

Nuclei•added yesterday•15 views

Purchase Order Management v1.0 - Cross Site Scripting (Reflected)

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...

6.1CVSS6.1AI score0.27387EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 12:39 p.m.•5 views

CVE-2023-29623

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php...

6.1CVSS6.3AI score0.27387EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:38 p.m.•4 views

CVE-2023-29622

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php...

9.8CVSS8.4AI score0.20355EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-47343

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00841EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-42874

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00223EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-32509

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.08554EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2023-33799

Malicious code in bioql PyPI...

4.8CVSS4.2AI score0.00302EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-32508

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.08554EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:30 a.m.•4 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.2CVSS8AI score0.02659EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:36 a.m.•4 views

CVE-2023-29621

Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

8.8CVSS8.3AI score0.0087EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 1:52 a.m.•7 views

CVE-2023-2130

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS7.5AI score0.73794EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 1:6 a.m.•4 views

CVE-2022-28023

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier...

9.8CVSS8.3AI score0.08554EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:7 a.m.•6 views

CVE-2022-44400

Purchase Order Management System v1.0 contains a file upload vulnerability via /purchaseorder/admin/?page=systeminfo...

9.8CVSS7AI score0.00841EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:14 p.m.•4 views

CVE-2022-3503

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads to cross site...

5.4CVSS6.4AI score0.00223EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:39 p.m.•6 views

CVE-2022-28021

Purchase Order Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via /purchaseorder/admin/?page=user...

9.8CVSS8.4AI score0.13885EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:39 p.m.•5 views

CVE-2022-28022

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deleteitem...

9.8CVSS8.3AI score0.08554EPSS

Exploits1References1

NVD•added 2024/10/24 7:15 p.m.•14 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.2CVSS0.02659EPSS

Exploits0References3

Cvelist•added 2024/10/24 12:0 a.m.•15 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

Exploits0References3

CVE•added 2024/10/24 12:0 a.m.•65 views

CVE-2024-48454

CVE-2024-48454 targets SourceCodester Purchase Order Management System v1.0, allowing remote code execution via the /admin?page=user component. Multiple connected feeds (Red Hat, NVD, CVEs list, CNNVD, PT-Security) corroborate an RCE risk in the admin page, with confirmed affected software/versio...

7.2CVSS7.9AI score0.02659EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by