Purchase Order Management Project Purchase Order Management — known CVE vulnerabilities
Every CVE whose affected-product data names Purchase Order Management Project Purchase Order Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-29622 — CVSS 9.8 (critical): Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/l…
CVE-2023-29621 — CVSS 8.8 (high): Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary…
CVE-2023-29623 — CVSS 6.1 (medium): Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at…