CVE-2020-10107

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php...

EUVD-2020-2572

Malware in sbrugna...

CVE-2021-26304

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...

CVE-2024-7811 SourceCodester Daily Expenses Monitoring App delete-expense.php sql injection

A vulnerability classified as critical has been found in SourceCodester Daily Expenses Monitoring App 1.0. This affects an unknown part of the file /endpoint/delete-expense.php. The manipulation of the argument expense leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-29390

Daily Expenses Management System version 1.0, developed by PHP Gurukul, contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the 'item' parameter in a POST request to execute arbitrary SQL commands in the backend database. This can be done...

PT-2024-4332 · Unknown · Daily Expenses Management System

Name of the Vulnerable Software and Affected Versions: Daily Expenses Management System version 1.0 Description: The Daily Expenses Management System contains a time-based blind SQL injection vulnerability in the 'add-expense.php' page. An attacker can exploit the item parameter in a POST request...

Sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2024-0735 SourceCodester Online Tours & Travels Management System expense.php exec sql injection

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit...

Online Tours & Travels Management System SQL Injection Vulnerability

Online Tours & Travels Management System is an online travel management system by Mayuri K. Individual developer. A SQL injection vulnerability exists in Online Tours & Travels Management System version 1.0, which originates in the exec function of the file admin/operations/expense.php and can le...

CVE-2021-26304

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...

Design/Logic Flaw

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...

CVE-2021-26304

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to a stored XSS flaw via the add-expense.php Item parameter (CVE-2021-26304). The vulnerability is confirmed across multiple sources in the connected documents; exploitation details beyond “stored XSS via the add-expense.php Item parameter...

CVE-2020-10107

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php...

CVE-2020-10107

CVE-2020-10107: PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, evidenced by the ExpenseItem and ExpenseCost parameters within manage-expense.php. The Red Hat and NVD records corroborate a stored XSS issue affecting this application. No exploitation routes, affected versi...

CVE-2020-10107

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php...