3 matches found
CVE-2025-40733
Reflected Cross-Site Scripting XSS vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php...
CVE-2025-40733
creationtimestamp| type| source ---|---|--- 2025-06-30 09:05:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19915 2025-06-30 13:01:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lstajlcusi2i...
CVE-2025-40733
CVE-2025-40733 is a reflected XSS vulnerability in Daily Expense Manager v1.0. The issue arises from insufficient filtering/escaping of user-supplied data in the POST parameter username of /login.php, allowing an attacker to execute JavaScript when a user interacts with the login flow. Multiple s...