5 matches found
CVE-2024-7937
CVE-2024-7937 affects the itsourcecode Project Expense Monitoring System 1.0. The vulnerability is in the file printtransfer.php , where manipulation of the transfer_id parameter leads to SQL injection. The attack is possible remotely and exploits have been disclosed publicly. Connected sources p...
CVE-2024-7933
The CVE-2024-7933 entry affects itsourcecode Project Expense Monitoring System version 1.0, specifically the Backend Login login1.php component. The root cause is manipulation of the user parameter in login1.php, leading to SQL injection. Severity in the sources ranges from high to critical (NVD/...
CVE-2024-7934
CVE-2024-7934 affects itsourcecode Project Expense Monitoring System 1.0. The vulnerability is in the file execute.php where manipulation of the parameter code leads to a SQL injection . It can be exploited remotely and has been disclosed publicly; multiple sources describe this as a critical iss...
CVE-2024-7935
The CVE-2024-7935 entry affects itsourcecode Project Expense Monitoring System 1.0. A vulnerability in the file print.php arises from manipulation of the map_id argument, leading to SQL injection. Exploitation is reported as remote, and an exploit has been disclosed publicly. Multiple connected d...
CVE-2024-7936
CVE-2024-7936 affects itsourcecode Project Expense Monitoring System 1.0. The vulnerability is a SQL injection in the transferred_report.php file, triggered by manipulating the start, end, or employee parameters. An attacker can exploit it remotely, and the exploit has been disclosed publicly. Re...