Oretnom23 Expense Management System
By the Year
In 2024 there have been 1 vulnerability in Oretnom23 Expense Management System with an average score of 6.1 out of ten. Last year Expense Management System had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Expense Management System in 2024 could surpass last years number. Last year, the average CVE base score was greater by 1.70
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 1 | 6.10 |
2023 | 1 | 7.80 |
2022 | 2 | 6.30 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Expense Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Oretnom23 Expense Management System Security Vulnerabilities
A vulnerability was found in CodeAstro Expense Management System 1.0
CVE-2024-1031
6.1 - Medium
- January 30, 2024
A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252304.
XSS
An issue in Expense Management System v.1.0
CVE-2023-44824
7.8 - High
- October 17, 2023
An issue in Expense Management System v.1.0 allows a local attacker to execute arbitrary code via a crafted file uploaded to the sign-up.php component.
Unrestricted File Upload
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application
CVE-2021-41434
5.4 - Medium
- September 28, 2022
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.
XSS
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability
CVE-2022-36754
7.2 - High
- September 02, 2022
Expense Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /Home/debit_credit_p.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oretnom23 Expense Management System or by Oretnom23? Click the Watch button to subscribe.