Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Daily_expense_manager
(Code\-Projects)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-30 | CVE-2025-40731 | SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php. | Daily_expense_manager | 9.8 | ||
| 2025-06-30 | CVE-2025-40732 | user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php | Daily_expense_manager | 7.5 | ||
| 2025-06-30 | CVE-2025-40733 | Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php. | Daily_expense_manager | 6.1 | ||
| 2025-06-30 | CVE-2025-40734 | Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php. | Daily_expense_manager | 6.1 |