Phpgurukul

Daily Expense Tracker System

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-5546

Exploit
  • EPSS 0.06%
  • Veröffentlicht 03.06.2025 23:31:08
  • Zuletzt bearbeitet 10.06.2025 15:15:55

A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injectio...

8.8

CVE-2025-5368

Exploit
  • EPSS 0.09%
  • Veröffentlicht 31.05.2025 04:15:28
  • Zuletzt bearbeitet 03.06.2025 15:32:13

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to s...

9.8

CVE-2025-4925

Exploit
  • EPSS 0.07%
  • Veröffentlicht 19.05.2025 09:15:25
  • Zuletzt bearbeitet 21.05.2025 12:58:28

A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument...

9.8

CVE-2025-4908

Exploit
  • EPSS 0.09%
  • Veröffentlicht 19.05.2025 03:00:09
  • Zuletzt bearbeitet 21.05.2025 17:25:58

A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injec...

9.8

CVE-2025-4907

Exploit
  • EPSS 0.09%
  • Veröffentlicht 19.05.2025 02:31:05
  • Zuletzt bearbeitet 21.05.2025 17:33:11

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql inject...

9.8

CVE-2025-4785

Exploit
  • EPSS 0.09%
  • Veröffentlicht 16.05.2025 15:00:10
  • Zuletzt bearbeitet 21.05.2025 21:00:19

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads...

9.8

CVE-2025-25349

Exploit
  • EPSS 0.14%
  • Veröffentlicht 12.02.2025 16:15:46
  • Zuletzt bearbeitet 05.03.2025 19:15:38

PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter.

9.8

CVE-2025-25351

Exploit
  • EPSS 0.14%
  • Veröffentlicht 12.02.2025 16:15:46
  • Zuletzt bearbeitet 12.05.2025 16:15:22

PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter.

6.1

CVE-2021-26303

Exploit
  • EPSS 0.21%
  • Veröffentlicht 29.01.2021 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:56:02

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field.

5.4

CVE-2021-26304

Exploit
  • EPSS 0.18%
  • Veröffentlicht 29.01.2021 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:56:02

PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter.