Lucene search
K

38 matches found

Nuclei
Nuclei
added yesterday23 views

Purchase Order Management v1.0 - SQL Injection

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS6.6AI score0.04122EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday18 views

Purchase Order Management v1.0 - Cross Site Scripting (Reflected)

Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...

6.1CVSS6.2AI score0.0125EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-47343

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01057EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-42874

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00459EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-32509

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.03008EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-32508

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.03008EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-33799

Malicious code in bioql PyPI...

4.8CVSS4.2AI score0.00564EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:30 a.m.10 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.2CVSS8AI score0.00874EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:52 a.m.10 views

CVE-2023-2130

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

9.8CVSS7.5AI score0.04122EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:6 a.m.5 views

CVE-2022-28023

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier...

9.8CVSS8.3AI score0.03008EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:7 a.m.7 views

CVE-2022-44400

Purchase Order Management System v1.0 contains a file upload vulnerability via /purchaseorder/admin/?page=systeminfo...

9.8CVSS7AI score0.01057EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:14 p.m.6 views

CVE-2022-3503

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads to cross site...

5.4CVSS6.4AI score0.00459EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:39 p.m.8 views

CVE-2022-28021

Purchase Order Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via /purchaseorder/admin/?page=user...

9.8CVSS8.4AI score0.24531EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:39 p.m.7 views

CVE-2022-28022

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deleteitem...

9.8CVSS8.3AI score0.03008EPSS
Exploits1References1
NVD
NVD
added 2024/10/24 7:15 p.m.17 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

7.2CVSS0.00874EPSS
Exploits0References3
CVE
CVE
added 2024/10/24 12:0 a.m.75 views

CVE-2024-48454

CVE-2024-48454 targets SourceCodester Purchase Order Management System v1.0, allowing remote code execution via the /admin?page=user component. Multiple connected feeds (Red Hat, NVD, CVEs list, CNNVD, PT-Security) corroborate an RCE risk in the admin page, with confirmed affected software/versio...

7.2CVSS7.9AI score0.00874EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.5 views

PT-2024-33118 · Sourcecodester · Sourcecodester Purchase Order Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Purchase Order Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via the "admin?page=user" component. This enables the attacker to potentially gain control over the system,...

7.2CVSS8AI score0.00874EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.19 views

CVE-2024-48454

An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...

0.00874EPSS
Exploits0References3
NVD
NVD
added 2023/04/25 9:15 p.m.26 views

CVE-2023-2293

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=saveitem. The manipulation of the argument description with the input alertdocument.cookie leads to cross site...

4.8CVSS3.9AI score0.00564EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/04/25 9:0 p.m.29 views

CVE-2023-2293 SourceCodester Purchase Order Management System cross site scripting

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=saveitem. The manipulation of the argument description with the input alertdocument.cookie leads to cross site...

3.3CVSS5.2AI score0.00564EPSS
Exploits1References3
Rows per page
Query Builder