Filtered by vendor Purchase Order Management Project Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-29623 1 Purchase Order Management Project 1 Purchase Order Management 2024-11-21 6.1 Medium
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.
CVE-2023-29622 1 Purchase Order Management Project 1 Purchase Order Management 2024-11-21 9.8 Critical
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.
CVE-2023-29621 1 Purchase Order Management Project 1 Purchase Order Management 2024-11-21 8.8 High
Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.