Code-projects

Daily Expense Manager

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-40734

  • EPSS 0.04%
  • Published 30.06.2025 08:31:31
  • Last modified 07.07.2025 18:17:48

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php.

6.1

CVE-2025-40733

  • EPSS 0.04%
  • Published 30.06.2025 08:31:15
  • Last modified 07.07.2025 18:18:08

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php.

7.5

CVE-2025-40732

  • EPSS 0.05%
  • Published 30.06.2025 08:30:06
  • Last modified 07.07.2025 19:38:33

user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php

9.8

CVE-2025-40731

  • EPSS 0.05%
  • Published 30.06.2025 08:29:16
  • Last modified 07.07.2025 19:33:55

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.