6 matches found
CVE-2021-26304
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...
CVE-2024-29390
Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...
PT-2024-4332 · Unknown · Daily Expenses Management System
Name of the Vulnerable Software and Affected Versions: Daily Expenses Management System version 1.0 Description: The Daily Expenses Management System contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the item parameter in a POST request...
CVE-2021-26304
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...
Design/Logic Flaw
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...
CVE-2021-26304
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to a stored XSS flaw via the add-expense.php Item parameter (CVE-2021-26304). The vulnerability is confirmed across multiple sources in the connected documents; exploitation details beyond “stored XSS via the add-expense.php Item parameter...