Purchase Order Management Project Purchase Order Management vulnerabilities
3 known vulnerabilities affecting purchase_order_management_project/purchase_order_management.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-29623P3MEDIUMCVSS 6.1PoCv1.02023-04-14
CVE-2023-29623 [MEDIUM] CWE-79 CVE-2023-29623: Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vuln
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.
nvd
CVE-2023-29621P3HIGHCVSS 8.8v1.02023-04-14
CVE-2023-29621 [HIGH] CWE-434 CVE-2023-29621: Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability whic
Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.
nvd
CVE-2023-29622P3CRITICALCVSS 9.8v1.02023-04-14
CVE-2023-29622 [CRITICAL] CWE-89 CVE-2023-29622: Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the passw
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.
nvd