24 matches found
CVE-2026-6193
A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may...
CVE-2020-10107
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php...
CVE-2025-5546
PHPGurukul Daily Expense Tracker System 1.1 is affected by a SQL injection in /expense-reports-detailed.php via the fromdate/todate parameters. The issue allows remote attackers to execute arbitrary SQL commands and potentially access sensitive data. Public exploit information is present in sever...
CVE-2021-26304
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter...
CVE-2025-4925 PHPGurukul Daily Expense Tracker System expense-monthwise-reports-detailed.php sql injection
A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The...
CVE-2025-4908
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack...
CVE-2025-4907
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...
PT-2025-21877 · Unknown · Phpgurukul Daily Expense Tracker System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker System version 1.1 Description: A critical vulnerability has been found in PHPGurukul Daily Expense Tracker System. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The...
PT-2025-21929 · Unknown · Phpgurukul Daily Expense Tracker System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker System version 1.1 Description: A critical issue has been found in the system, affecting an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the fromdate and todat...
CVE-2025-4785
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched...
CVE-2025-4785
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched...
CVE-2025-4785 PHPGurukul Daily Expense Tracker System user-profile.php sql injection
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched...
CVE-2025-4785
CVE-2025-4785 affects PHPGurukul Daily Expense Tracker System version 1.1. The vulnerability is a SQL injection in the file /user-profile.php triggered by manipulating the fullname and contactnumber parameters, with remote exploit potential. Multiple connected sources confirm the issue and indica...
CVE-2025-4736
A vulnerability was found in PHPGurukul Daily Expense Tracker 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-4736
The CVE concerns PHPGurukul Daily Expense Tracker 1.1. The vulnerability is a SQL injection in /register.php triggered by manipulating the email parameter, with remote exploitation and a publicly disclosed exploit. No patch/version fix details are provided in the documents. A temporary workaround...
CVE-2025-4736 PHPGurukul Daily Expense Tracker register.php sql injection
A vulnerability was found in PHPGurukul Daily Expense Tracker 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been...
CVE-2025-4736 PHPGurukul Daily Expense Tracker register.php sql injection
A vulnerability was found in PHPGurukul Daily Expense Tracker 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been...
PT-2025-21595 · Unknown · Phpgurukul Daily Expense Tracker
Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker version 1.1 Description: A critical issue affects an unknown functionality of the file /register.php. The manipulation of the email argument leads to SQL injection. The attack can be launched remotely. The...
PT-2025-21666 · Unknown · Phpgurukul Daily Expense Tracker System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Daily Expense Tracker System version 1.1 Description: A critical issue was found in the system, affecting some unknown functionality of the file /user-profile.php. The manipulation of the fullname and contactnumber arguments leads ...
CVE-2025-25349
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter...