CVE-2022-28022
CVE-2022-28022 concerns the Purchase Order Management System v1.0, where a SQL injection vulnerability exists in the delete_item path exposed by /purchase_order/classes/Master.php?f=delete_item. The issue arises from insecure handling of input in the affected function, enabling an attacker to cra...