5 matches found
CVE-2024-29390
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31004)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the dateexpense parameter in /dets/add-expense.php. No details ...
CVE-2025-25349
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter...
PHPGurukul Daily Expense Tracker System 安全漏洞
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the dateexpense parameter in /dets/add-expense.php. No details ...
CVE-2024-29390
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...