Malicious Package

Overview expense-management is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2021-41434

A stored Cross-Site Scripting XSS vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php...

CVE-2025-12229

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12230

A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-12228

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-12231

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

CVE-2025-12231

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

CVE-2025-12231

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

CVE-2025-12230

A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-12229

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12228

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-12229

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12230

A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-12228

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-12231

CVE-2025-12231 affects projectworlds Expense Management System 1.0, specifically the Expense Categories Page component’s /public/admin/expense_categories/create function. The issue is a manipulation in an unknown function of that file that enables cross-site scripting. The vulnerability is remote...

CVE-2025-12231 projectworlds Expense Management System Expense Categories create cross site scripting

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

EUVD-2025-36106

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

CVE-2025-12231 projectworlds Expense Management System Expense Categories create cross site scripting

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

EUVD-2025-36107

A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-12230 projectworlds Expense Management System Currency create cross site scripting

A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit ha...