Expensemanagementsystemproject Expense Management System
By the Year
In 2024 there have been 0 vulnerabilities in Expensemanagementsystemproject Expense Management System . Last year Expense Management System had 1 security vulnerability published. Right now, Expense Management System is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 7.80 |
2022 | 3 | 7.47 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Expense Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Expensemanagementsystemproject Expense Management System Security Vulnerabilities
An issue in Expense Management System v.1.0
CVE-2023-44824
7.8 - High
- October 17, 2023
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component.
Unrestricted File Upload
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application
CVE-2021-41434
5.4 - Medium
- September 28, 2022
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.
XSS
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability
CVE-2022-36754
7.2 - High
- September 02, 2022
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debit_credit_p.
SQL Injection
A vulnerability was found in SourceCodester Expense Management System
CVE-2022-2688
9.8 - Critical
- August 06, 2022
A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetch_report_credit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-205811.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Expensemanagementsystemproject Expense Management System or by Expensemanagementsystemproject? Click the Watch button to subscribe.