Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.5 views

CVE-2024-29390

Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...

7.3CVSS8.6AI score0.0037EPSS
Exploits2References1
CNVD
CNVD
added 2025/02/17 12:0 a.m.4 views

Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31004)

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the dateexpense parameter in /dets/add-expense.php. No details ...

9.8CVSS8.1AI score0.00458EPSS
Exploits1References1
OSV
OSV
added 2025/02/12 4:15 p.m.3 views

CVE-2025-25349

PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter...

9.8CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.4 views

PHPGurukul Daily Expense Tracker System 安全漏洞

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the dateexpense parameter in /dets/add-expense.php. No details ...

9.8CVSS7.8AI score0.00458EPSS
Exploits1References1
OSV
OSV
added 2024/06/20 9:15 p.m.4 views

CVE-2024-29390

Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...

7.3CVSS6.1AI score0.0037EPSS
Exploits2References1
Rows per page
Query Builder