cve/2022/CVE-2022-28022.md

CVE-2022-28022

Description

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item.

POC

Reference

• https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-1.md

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/debug601/bug_report
• https://github.com/k0xx11/bug_report