19 matches found
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
CVE-2024-41618
CVE-2024-41618 affects Money Manager EX WebApp (web-money-manager-ex) 1.2.2 and is caused by improper sanitization of the TrDeleteArr parameter in transaction_delete_group, allowing SQL injection. The vulnerability is described consistently across Red Hat, NVD, OSV, CNNVD, CVEList/CVE pages, and ...
CVE-2024-41617
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control: the redirect_if_not_loggedin function in functions_security.php does not terminate after redirecting unauthenticated users. This allows an unauthenticated attacker to upload arbitrary files, potentiall...
Money Manager EX WebApp 安全漏洞
Money Manager EX WebApp is an open source personal finance management software from Money Manager EX. A security vulnerability exists in Money Manager EX WebApp version 1.2.2, which stems from an access control error, where the function fails to terminate script execution after redirecting an...
CVE-2024-41618
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to SQL Injection in the transactiondeletegroup function. The vulnerability is due to improper sanitization of user input in the TrDeleteArr parameter, which is directly incorporated into an SQL query...
web-money-manager-ex 安全漏洞
web-money-manager-ex is a personal money management system from Money Manager Ex. A security vulnerability exists in web-money-manager-ex version 1.2.2, which stems from improper cleanup of user input in the TrDeleteArr parameter, making it susceptible to SQL injection attacks...
CVE-2024-41617
Money Manager EX WebApp web-money-manager-ex 1.2.2 is vulnerable to Incorrect Access Control. The redirectifnotloggedin function in functionssecurity.php fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary...
PT-2024-29465 · Unknown · Money Manager Ex Webapp
Name of the Vulnerable Software and Affected Versions: Money Manager EX WebApp versions 1.2.2 Description: The issue is related to Incorrect Access Control. The redirect if not loggedin function in functions security.php fails to terminate script execution after redirecting unauthenticated users...
Expense IQ Money Manager - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application Expense IQ Money Manager published at the 'play' market has multiple vulnerabilities...
Monefy - Money Manager - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Monefy - Money Manager published at the 'play' market has multiple vulnerabilities...
SmartSpends: Money Manager App - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities
HackApp vulnerability scanner discovered that application SmartSpends: Money Manager App published at the 'play' market has multiple vulnerabilities...
My Finance Coach Money Manager - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application My Finance Coach Money Manager published at the 'play' market has multiple vulnerabilities...
Sahar Money Manager Insecure Library Loading Vulnerability
A vulnerability has been discovered in Sahar Money Manager, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: unicows.dll This can be exploited ...