CVE-2024-22628

Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expensebudget/admin/?page=reports/budget&datestart=2023-12-28&dateend=...

PT-2024-19507 · Unknown · Budget/Expense Tracker System

Name of the Vulnerable Software and Affected Versions: Budget and Expense Tracker System version 1.0 Description: The issue is related to SQL Injection. It can be exploited via the "/expense budget/admin/?page=reports/budget&date start=2023-12-28&date end=" endpoint. The date start and date end...