38 matches found
Purchase Order Management v1.0 - SQL Injection
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...
Purchase Order Management v1.0 - Cross Site Scripting (Reflected)
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the password parameter at /purchaseorder/classes/login.php. id: CVE-2023-29623 info: name: Purchase Order Management v1.0 - Cross Site Scripting Reflected author: theamanrawat severity:...
EUVD-2022-47343
Malicious code in bioql PyPI...
EUVD-2022-42874
Malicious code in bioql PyPI...
EUVD-2022-32509
Malicious code in bioql PyPI...
EUVD-2022-32508
Malicious code in bioql PyPI...
EUVD-2023-33799
Malicious code in bioql PyPI...
CVE-2024-48454
An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...
CVE-2023-2130
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...
CVE-2022-28023
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deletesupplier...
CVE-2022-44400
Purchase Order Management System v1.0 contains a file upload vulnerability via /purchaseorder/admin/?page=systeminfo...
CVE-2022-3503
A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads to cross site...
CVE-2022-28021
Purchase Order Management System v1.0 was discovered to contain a remote code execution RCE vulnerability via /purchaseorder/admin/?page=user...
CVE-2022-28022
Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchaseorder/classes/Master.php?f=deleteitem...
CVE-2024-48454
An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...
CVE-2024-48454
CVE-2024-48454 targets SourceCodester Purchase Order Management System v1.0, allowing remote code execution via the /admin?page=user component. Multiple connected feeds (Red Hat, NVD, CVEs list, CNNVD, PT-Security) corroborate an RCE risk in the admin page, with confirmed affected software/versio...
PT-2024-33118 · Sourcecodester · Sourcecodester Purchase Order Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Purchase Order Management System version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via the "admin?page=user" component. This enables the attacker to potentially gain control over the system,...
CVE-2024-48454
An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code via the /admin?page=user component...
CVE-2023-2293
A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=saveitem. The manipulation of the argument description with the input alertdocument.cookie leads to cross site...
CVE-2023-2293 SourceCodester Purchase Order Management System cross site scripting
A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been classified as problematic. This affects an unknown part of the file classes/Master.php?f=saveitem. The manipulation of the argument description with the input alertdocument.cookie leads to cross site...