Lucene search
K
Oretnom23Expense Management System

4 matches found

CVE
CVE
added 2022/09/02 10:30 p.m.66 views

CVE-2022-36754

Expense Management System v1.0 is vulnerable to SQL injection via the id parameter in /Home/debit_credit_p. The issue is caused by lack of input validation, allowing potentially unauthorized SQL statements. The NVD entry lists CVSS v3.1: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H with base score 7.2 ( H...

7.2CVSS7.2AI score0.00762EPSS
Web
CVE
CVE
added 2022/09/28 4:39 p.m.41 views

CVE-2021-41434

CVE-2021-41434 affects Expense Management System version 1.0 and is a stored XSS vulnerability that allows arbitrary JavaScript execution through index.php. The Red Hat/NVD entries confirm a stored XSS issue with the same vector, impacting the application as described; no exploit details are prov...

5.4CVSS5.5AI score0.00513EPSS
CVE
CVE
added 2023/10/17 12:0 a.m.37 views

CVE-2023-44824

CVE-2023-44824 relates to the Expense Management System v1.0, where a vulnerability in the sign-up.php component allows a local attacker to upload a crafted file that leads to arbitrary code execution. The issue is documented across multiple feeds (NVD/Red Hat/CVE records), consistently describin...

7.8CVSS7.7AI score0.00321EPSS
CVE
CVE
added 2024/01/30 1:0 p.m.37 views

CVE-2024-1031

CVE-2024-1031 affects CodeAstro Expense Management System 1.0. Multiple connected sources identify a cross-site scripting vulnerability in the Add Expenses Page, specifically in templates/5-Add-Expenses.php where the user-supplied parameter item is manipulated to inject scripts. The issue appears...

6.1CVSS6.1AI score0.00435EPSS
Web