Lucene search
+L

210 matches found

CNVD
CNVD
added 2025/06/11 12:0 a.m.6 views

Daily Expense Tracker System /expense-reports-detailed.php File SQL Injection Vulnerability

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter fromdate/todate in the file...

8.8CVSS8.2AI score0.00325EPSS
Exploits1References1
CNVD
CNVD
added 2025/06/06 12:0 a.m.6 views

Daily Expense Tracker System /expense-yearwise-reports-detailed.php File SQL Injection Vulnerability

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...

8.8CVSS8.2AI score0.00342EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/05 11:58 p.m.16 views

CVE-2025-5546

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

8.8CVSS7.5AI score0.00325EPSS
Exploits1References1
OSV
OSV
added 2025/06/04 12:15 a.m.6 views

CVE-2025-5546

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

8.8CVSS5.8AI score0.00325EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/06/03 11:31 p.m.10 views

CVE-2025-5546 PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injection

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

6.5CVSS6.9AI score0.00325EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/03 11:31 p.m.19 views

CVE-2025-5546 PHPGurukul Daily Expense Tracker System expense-reports-detailed.php sql injection

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The...

6.5CVSS0.00325EPSS
Exploits1References5
CVE
CVE
added 2025/06/03 11:31 p.m.49 views

CVE-2025-5546

PHPGurukul Daily Expense Tracker System 1.1 is affected by a SQL injection in /expense-reports-detailed.php via the fromdate/todate parameters. The issue allows remote attackers to execute arbitrary SQL commands and potentially access sensitive data. Public exploit information is present in sever...

8.8CVSS7.8AI score0.00325EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/03 12:0 a.m.6 views

PT-2025-23680 · Unknown · Phpgurukul Daily Expense Tracker System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker System version 1.1 Description: A critical vulnerability was found in the PHPGurukul Daily Expense Tracker System. This issue affects unknown code in the file /expense-reports-detailed.php. The manipulation of...

8.8CVSS6.9AI score0.00325EPSS
Exploits1References10
NVD
NVD
added 2025/05/31 4:15 a.m.16 views

CVE-2025-5368

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...

8.8CVSS0.00342EPSS
Exploits1References5
OSV
OSV
added 2025/05/31 4:15 a.m.9 views

CVE-2025-5368

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...

8.8CVSS5.8AI score0.00342EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/05/31 4:0 a.m.9 views

CVE-2025-5368 PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injection

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...

6.5CVSS6.8AI score0.00342EPSS
Exploits1References5
CVE
CVE
added 2025/05/31 4:0 a.m.64 views

CVE-2025-5368

PHPGurukul Daily Expense Tracker System v1.1 contains a SQL injection vulnerability in /expense-yearwise-reports-detailed.php caused by unsafely handling the todate parameter. Exploitation is remote and publicly disclosed. Several sources associate this CVE with high-severity impact (credit in so...

8.8CVSS6.8AI score0.00342EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/05/31 4:0 a.m.17 views

CVE-2025-5368 PHPGurukul Daily Expense Tracker System expense-yearwise-reports-detailed.php sql injection

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated...

6.5CVSS0.00342EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/05/31 12:0 a.m.5 views

PHPGurukul Daily Expense Tracker System 安全漏洞

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...

8.8CVSS7AI score0.00342EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 9:46 a.m.9 views

CVE-2024-25211

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/deletecategory.php...

9.8CVSS9.8AI score0.00814EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:45 a.m.6 views

CVE-2024-25210

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...

9.8CVSS9.8AI score0.00814EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.10 views

CVE-2023-5286

A vulnerability, which was classified as problematic, has been found in SourceCodester Expense Tracker App v1. Affected by this issue is some unknown functionality of the file addcategory.php of the component Category Handler. The manipulation of the argument categoryname leads to cross site...

5.4CVSS6.2AI score0.00417EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:26 a.m.10 views

CVE-2023-44048

Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting XSS via add category...

5.4CVSS6.1AI score0.00369EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:2 a.m.8 views

CVE-2023-1858

A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument page leads to information disclosure. It is possible to initiate the attack remotely. The...

7.5CVSS7AI score0.00583EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:1 a.m.18 views

CVE-2023-1688

A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=saveexpense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely...

6.1CVSS6.3AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder