4 matches found
CVE-2025-12229
Projectworlds Expense Management System 1.0 is reportedly vulnerable to cross-site scripting via the /public/admin/roles/create function in the Roles Page. Affected component is the Roles Page, with the root cause described as manipulation of an unknown function in that file. The vulnerability en...
CVE-2025-12230
CVE-2025-12230 affects projectworlds Expense Management System 1.0, specifically the Currency Page component (file /public/admin/currencies/create). The weakness allows cross-site scripting via manipulation of an unknown function in that file. Attacks are described as remote and the exploit is pu...
CVE-2025-12228
CVE-2025-12228 affects projectworlds Expense Management System 1.0. The flaw is in an unknown function of the file /public/admin/users/create on the Users Page, resulting in cross-site scripting (XSS) . Exploitation is described as remote, with publicly available exploit code. Multiple connected ...
CVE-2025-12231
CVE-2025-12231 affects projectworlds Expense Management System 1.0, specifically the Expense Categories Page component’s /public/admin/expense_categories/create function. The issue is a manipulation in an unknown function of that file that enables cross-site scripting. The vulnerability is remote...