Lucene search
+L

210 matches found

OSV
OSV
added 2024/02/14 3:15 p.m.5 views

CVE-2024-25210

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...

9.8CVSS5.8AI score0.00814EPSS
Exploits1References1
Prion
Prion
added 2024/02/14 3:15 p.m.12 views

Sql injection

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...

8.6AI score0.00814EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.7 views

PT-2024-20821 · Unknown · Simple Expense Tracker

Name of the Vulnerable Software and Affected Versions: Simple Expense Tracker version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the category parameter at the "/endpoint/delete category.php" endpoint. Recommendations: For Simple...

9.8CVSS7.4AI score0.00814EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/02/14 12:0 a.m.6 views

CVE-2024-25211

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/deletecategory.php...

9.9AI score0.00814EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/14 12:0 a.m.23 views

CVE-2024-25211

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/deletecategory.php...

8.1AI score0.00814EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/14 12:0 a.m.21 views

CVE-2024-25210

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...

8.1AI score0.00814EPSS
Exploits1References1
CVE
CVE
added 2024/02/14 12:0 a.m.74 views

CVE-2024-25210

Simple Expense Tracker v1.0 is affected by a SQL injection in the expense parameter of /endpoint/delete_expense.php. CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no authentication, no user interaction. The root cause is injectable SQL via the expense parameter, affecting confid...

9.8CVSS8.1AI score0.00814EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.6 views

Expense Tracker SQL Injection Vulnerability

Expense Tracker is an expense tracker organized by SourceCode and Projects. A security vulnerability exists in Simple Expense Tracker v1.0, which originates from a SQL injection vulnerability in the file /endpoint/deletecategory.php...

9.8CVSS7.9AI score0.00814EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.5 views

Expense Tracker SQL Injection Vulnerability

Expense Tracker is an expense tracker organized by SourceCode and Projects. A security vulnerability exists in Expense Tracker v1.0, which stems from a SQL injection vulnerability in the file /endpoint/deleteexpense.php...

9.8CVSS7.9AI score0.00814EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/02/14 12:0 a.m.5 views

PT-2024-20820 · Unknown · Simple Expense Tracker

Name of the Vulnerable Software and Affected Versions: Simple Expense Tracker version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the expense parameter at the "/endpoint/delete expense.php" API endpoint. Recommendations: For Simp...

9.8CVSS7.4AI score0.00814EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/02/14 12:0 a.m.7 views

CVE-2024-25210

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...

9.9AI score0.00814EPSS
Exploits1References1
OSV
OSV
added 2024/01/16 6:15 p.m.9 views

CVE-2024-22628

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expensebudget/admin/?page=reports/budget&datestart=2023-12-28&dateend=...

7.2CVSS5.8AI score0.00626EPSS
Exploits1References1
NVD
NVD
added 2024/01/16 6:15 p.m.24 views

CVE-2024-22628

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expensebudget/admin/?page=reports/budget&datestart=2023-12-28&dateend=...

7.2CVSS7.4AI score0.00626EPSS
Exploits1References1
Prion
Prion
added 2024/01/16 6:15 p.m.14 views

Sql injection

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expensebudget/admin/?page=reports/budget&datestart=2023-12-28&dateend=...

5.8CVSS8.4AI score0.00626EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/16 12:0 a.m.4 views

CVE-2024-22628

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expensebudget/admin/?page=reports/budget&datestart=2023-12-28&dateend=...

7.4AI score0.00626EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.6 views

Sourcecodester Budget And Expense Tracker System Security Vulnerability

Sourcecodester Budget And Expense Tracker System is a web-based application by Carlo Montero Personal Developer. It is used to manage your personal/small business budget and expenses. A security vulnerability exists in Sourcecodester Budget And Expense Tracker System v1.0, which stems from the...

7.2CVSS7.8AI score0.00626EPSS
Exploits1References2
CVE
CVE
added 2024/01/16 12:0 a.m.228 views

CVE-2024-22628

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection through the admin reports endpoint: /expense_budget/admin/?page=reports/budget&date_start=2023-12-28&date_end=. The vulnerability affects the endpoint handling date_start/date_end parameters without proper validation, enabling ...

7.2CVSS7.4AI score0.00626EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/01/16 12:0 a.m.28 views

CVE-2024-22628

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expensebudget/admin/?page=reports/budget&datestart=2023-12-28&dateend=...

7.7AI score0.00626EPSS
Exploits1References1
NVD
NVD
added 2023/09/29 8:15 p.m.29 views

CVE-2023-5286

A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file addcategory.php of the component Category Handler. The manipulation of the argument categoryname leads to cross site...

5.4CVSS4.2AI score0.00417EPSS
Exploits0References3
OSV
OSV
added 2023/09/29 8:15 p.m.6 views

CVE-2023-5286

A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file addcategory.php of the component Category Handler. The manipulation of the argument categoryname leads to cross site...

5.4CVSS3.9AI score0.00417EPSS
Exploits0References3
Rows per page
Query Builder