Lucene search
K

88 matches found

Nuclei
Nuclei
added yesterday67 views

Purchase Order Management v1.0 - SQL Injection

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS6.5AI score0.04122EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday45 views

Purchase Order Management v1.0 - Cross Site Scripting (Reflected)

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...

6.1CVSS6.4AI score0.0125EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.7 views

CVE-2023-29623

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php...

6.1CVSS6.3AI score0.0125EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.7 views

CVE-2023-29622

Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchaseorder/admin/login.php...

9.8CVSS8.4AI score0.01657EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32509

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.02971EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-47343

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01057EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-42874

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00459EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-32508

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.02971EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-33799

Malicious code in bioql PyPI...

4.8CVSS4.2AI score0.00564EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.10 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.2CVSS8AI score0.00874EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:36 a.m.6 views

CVE-2023-29621

Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server...

8.8CVSS8.3AI score0.00985EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:52 a.m.11 views

CVE-2023-2130

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS7.5AI score0.04122EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.6 views

CVE-2022-28023

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier...

9.8CVSS8.3AI score0.02971EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:7 a.m.9 views

CVE-2022-44400

Purchase Order Management System v1.0 contains a file upload vulnerability via /purchaseorder/admin/?page=systeminfo...

9.8CVSS7AI score0.01057EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:14 p.m.8 views

CVE-2022-3503

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads to cross site...

5.4CVSS6.4AI score0.00459EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:39 p.m.10 views

CVE-2022-28021

Purchase Order Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via /purchaseorder/admin/?page=user...

9.8CVSS8.4AI score0.24256EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:39 p.m.8 views

CVE-2022-28022

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deleteitem...

9.8CVSS8.3AI score0.02971EPSS
Exploits1References1
NVD
NVD
added 2024/10/24 7:15 p.m.28 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.2CVSS0.00874EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.18 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.9AI score0.00874EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.5 views

PT-2024-33118 · Sourcecodester · Sourcecodester Purchase Order Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Purchase Order Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via the "admin?page=user" component. This enables the attacker to potentially gain control over the system,...

7.2CVSS8AI score0.00874EPSS
Exploits0References7
Rows per page
Query Builder