Purchase Order Management v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| purchase_order_management_project | purchase_order_management | 1.0 |
Purchase Order Management v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /purchase_order/admin/login.php.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| purchase_order_management_project | purchase_order_management | 1.0 |
Purchase Order Management v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the password parameter at /purchase_order/classes/login.php.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| purchase_order_management_project | purchase_order_management | 1.0 |