4 matches found
CVE-2024-25210
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...
CVE-2024-25210
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...
CVE-2024-25210
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/deleteexpense.php...
CVE-2024-25210
Simple Expense Tracker v1.0 is affected by a SQL injection in the expense parameter of /endpoint/delete_expense.php. CVSS v3.1 base score 9.8 (CRITICAL) with network attack vector, no authentication, no user interaction. The root cause is injectable SQL via the expense parameter, affecting confid...