Expense Management System is an expense management system. version v1.0 of Expense Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in the id parameter of its /Home/debit_credit_p component. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
expense management system expense management system v | eq | 1.0 |