cve/2022/CVE-2022-28021.md

CVE-2022-28021

Description

Purchase Order Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via /purchase_order/admin/?page=user.

POC

Reference

• https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/RCE-1.md

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/debug601/bug_report
• https://github.com/k0xx11/bug_report