33 matches found
CVE-2019-16416
HRworks 3.36.9 allows XSS via the purpose of a travel-expense report...
EUVD-2019-7157
Malware in sbrugna...
EUVD-2019-7158
Malware in sbrugna...
EUVD-2025-24956
Malicious code in bioql PyPI...
CVE-2025-8993
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2025-8993
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2025-8993
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2025-8993 itsourcecode Online Tour and Travel Management System expense_report.php sql injection
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
CVE-2025-8993
The CVE-2025-8993 entry concerns itsourcecode Online Tour and Travel Management System 1.0. The vulnerability resides in the /admin/expense_report.php file, where manipulation of the from_date parameter enables SQL injection. This flaw could be triggered remotely, and multiple sources confirm tha...
CVE-2025-8993 itsourcecode Online Tour and Travel Management System expense_report.php sql injection
A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...
PT-2025-33425 · Itsourcecode · Itsourcecode Online Tour/Travel Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Online Tour and Travel Management System 1.0, specifically within the /admin/expense report.php file. Manipulation of...
CVE-2023-0533
A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. The attack...
CVE-2019-16417
HRworks FLOW 3.36.9 allows XSS via the purpose of a travel-expense report...
PHPGurukul Daily Expense Tracker System 安全漏洞
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the fromdate/todate parameter of file...
CVE-2023-0534
A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file admin/expensereport.php. The manipulation of the argument todate leads to sql injection. It is possible to initiate the attack...
CVE-2023-0533
A vulnerability, which was classified as critical, has been found in SourceCodester Online Tours & Travels Management System 1.0. Affected by this issue is some unknown functionality of the file admin/expensereport.php. The manipulation of the argument fromdate leads to sql injection. The attack...
CVE-2023-0534 SourceCodester Online Tours & Travels Management System expense_report.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file admin/expensereport.php. The manipulation of the argument todate leads to sql injection. It is possible to initiate the attack...
PT-2023-16340 · Sourcecodester · Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file admin/expense report.php. The manipulation of the to date argument leads to SQL...
PT-2023-16339 · Sourcecodester · Sourcecodester Online Tours & Travels Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file admin/expense report.php. The manipulation of the from date...
Dolibarr Stored Cross-site Scripting in expensereport/card.php
An issue was discovered in Dolibarr through 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note...