Lucene search
K
ProjectworldsExpense Management System

4 matches found

CVE
CVE
added 2025/10/27 5:32 a.m.15 views

CVE-2025-12229

Projectworlds Expense Management System 1.0 is reportedly vulnerable to cross-site scripting via the /public/admin/roles/create function in the Roles Page. Affected component is the Roles Page, with the root cause described as manipulation of an unknown function in that file. The vulnerability en...

4.8CVSS2.9AI score0.00235EPSS
Web
CVE
CVE
added 2025/10/27 6:2 a.m.15 views

CVE-2025-12230

CVE-2025-12230 affects projectworlds Expense Management System 1.0, specifically the Currency Page component (file /public/admin/currencies/create). The weakness allows cross-site scripting via manipulation of an unknown function in that file. Attacks are described as remote and the exploit is pu...

4.8CVSS3.2AI score0.00235EPSS
CVE
CVE
added 2025/10/27 5:32 a.m.14 views

CVE-2025-12228

CVE-2025-12228 affects projectworlds Expense Management System 1.0. The flaw is in an unknown function of the file /public/admin/users/create on the Users Page, resulting in cross-site scripting (XSS) . Exploitation is described as remote, with publicly available exploit code. Multiple connected ...

4.8CVSS5.2AI score0.00235EPSS
CVE
CVE
added 2025/10/27 6:2 a.m.11 views

CVE-2025-12231

CVE-2025-12231 affects projectworlds Expense Management System 1.0, specifically the Expense Categories Page component’s /public/admin/expense_categories/create function. The issue is a manipulation in an unknown function of that file that enables cross-site scripting. The vulnerability is remote...

4.8CVSS5.3AI score0.00235EPSS
Web