9 matches found
POMS 1.0 Insecure Settings
============================================================================================================================================= | Title : POMS v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | |...
POMS PHP 1.0 SQL Injection / Shell Upload
Titles: POMS-PHP-by oretnom23 -v1.0-FU-SQLi-RCE-HAT.TRICK 1. SQLi Bypass Authentication 2. File Upload 3. RCE Latest update from the vendor: 5 hours 32 minutes ago Author: nu11secur1ty Date: 05/07/2024 Vendor: https://github.com/oretnom23 Software:...
Design/Logic Flaw
Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...
CVE-2022-46751 Apache Ivy: XML External Entity vulnerability in Apache Ivy
Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...
Purchase Order Management v1.0 - SQL Injection
SQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter. id: CVE-2021-40908 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity:...
Purchase Order Management v1.0 - SQL Injection
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php. id: CVE-2023-29622 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...
Purchase Order Management v1.0 - SQL Injection
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier. id: CVE-2022-28023 info: name: Purchase Order Management v1.0 - SQL Injection author: theamanrawat severity: critical description: | Purchase Order...
POMS-PHP 1.0 SQL Injection Exploit
Exploit Title: POMS-PHP by: oretnom23 v1.0 is vulnerable to remote SQL-Injection-Bypass-Authentication. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Vendor: https://www.sourcecodester.com/user/257130/activity Link:...
POMS-PHP 1.0 SQL Injection
Exploit Title: POMS-PHP by: oretnom23 v1.0 is vulnerable to remote SQL-Injection-Bypass-Authentication. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 09.09.2021 Vendor: https://www.sourcecodester.com/user/257130/activity Link:...