210 matches found
Daily Expense Tracker System /expense-reports-detailed.php File SQL Injection Vulnerability
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter fromdate/todate in the file...
Daily Expense Tracker System /expense-yearwise-reports-detailed.php File SQL Injection Vulnerability
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...
CVE-2025-5546
A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-5546
A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-5546 PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injection
A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-5546 PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injection
A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-5546
PHPGurukul Daily Expense Tracker System 1.1 is affected by a SQL injection in /expense-reports-detailed.php via the fromdate/todate parameters. The issue allows remote attackers to execute arbitrary SQL commands and potentially access sensitive data. Public exploit information is present in sever...
PT-2025-23680 · Unknown · Phpgurukul Daily Expense Tracker System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker System version 1.1 Description: A critical vulnerability was found in the PHPGurukul Daily Expense Tracker System. This issue affects unknown code in the file /expense-reports-detailed.php. The manipulation of...
CVE-2025-5368
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...
CVE-2025-5368
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...
CVE-2025-5368 PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injection
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...
CVE-2025-5368
PHPGurukul Daily Expense Tracker System v1.1 contains a SQL injection vulnerability in /expense-yearwise-reports-detailed.php caused by unsafely handling the todate parameter. Exploitation is remote and publicly disclosed. Several sources associate this CVE with high-severity impact (credit in so...
CVE-2025-5368 PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injection
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...
PHPGurukul Daily Expense Tracker System 安全漏洞
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...
CVE-2024-25211
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/deletecategory.php...
CVE-2024-25210
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...
CVE-2023-5286
A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file addcategory.php of the component Category Handler. The manipulation of the argument categoryname leads to cross site...
CVE-2023-44048
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting XSS via add category...
CVE-2023-1858
A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument page leads to information disclosure. It is possible to initiate the attack remotely. The...
CVE-2023-1688
A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=saveexpense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely...