210 matches found
CVE-2023-1785
A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as critical. Affected is an unknown function of the file manageuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifie...
CVE-2023-1689
A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker App 1.0. This vulnerability affects unknown code of the file Master.php?a=saveearning. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2023-2772
A vulnerability, which was classified as critical, was found in SourceCodester Budget and Expense Tracker System 1.0. Affected is an unknown function of the file /admin/budget/managebudget.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It i...
CVE-2022-45033
A cross-site scripting XSS vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field...
CVE-2021-26304
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...
CVE-2021-26303
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31001)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the email parameter of the file /forgot-password.php. An...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-30999)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the fromdate/todate parameter of file...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31000)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability, which originates from the lack of validation of the fromdate/todate parameter in the file /expense-monthwise-reports-detailed.php with...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31002)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter fullname/contactnumber in the file...
CVE-2025-4908
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack...
CVE-2025-4925
A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The...
CVE-2025-4925
A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The...
CVE-2025-4925
Summary of the CVE (CVE-2025-4925) : A SQL injection vulnerability exists in PHPGurukul Daily Expense Tracker System 1.1, triggered by manipulating the fromdate and todate parameters in the file /expense-monthwise-reports-detailed.php. The flaw is exploitable remotely and has been disclosed publi...
CVE-2025-4925 PHPGurukul Daily Expense Tracker System expense-monthwise-reports-detailed.php sql injection
A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The...
CVE-2025-4925 PHPGurukul Daily Expense Tracker System expense-monthwise-reports-detailed.php sql injection
A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The...
CVE-2025-4908
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack...
CVE-2025-4907
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...
CVE-2025-4907
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...
CVE-2025-4908
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack...