PHPGurukul Daily Expense Tracker System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in PHPGurukul Daily Expense Tracker System.
By the Year
In 2026 there have been 0 vulnerabilities in PHPGurukul Daily Expense Tracker System. Last year, in 2025 Daily Expense Tracker System had 8 security vulnerabilities published. Right now, Daily Expense Tracker System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 8 | 9.55 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 2 | 5.75 |
| 2020 | 2 | 7.60 |
It may take a day or so for new Daily Expense Tracker System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent PHPGurukul Daily Expense Tracker System Security Vulnerabilities
SQLi in PHPGurukul Daily Expense Tracker 1.1 via /expense-reports-detailed.php
CVE-2025-5546
8.8 - High
- June 04, 2025
A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of the file /expense-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul 1.1 SQLi via todate in expense-yearwise-reports-detailed.php
CVE-2025-5368
8.8 - High
- May 31, 2025
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
Critical SQLi in PHPGurukul ExpTracker 1.1 via exp-mw-detailed.php
CVE-2025-4925
9.8 - Critical
- May 19, 2025
A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /expense-monthwise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQL Injection in PHPGurukul Daily Expense Tracker 1.1
CVE-2025-4908
9.8 - Critical
- May 19, 2025
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part of the file /expense-datewise-reports-detailed.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
PHPGurukul Daily Expense Tracker 1.1 SQL Injection in /forgot-password.php
CVE-2025-4907
9.8 - Critical
- May 19, 2025
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQLi via fullname/contnum in PHPGurukul D.Expense Tracker 1.1 /user-profile.php
CVE-2025-4785
9.8 - Critical
- May 16, 2025
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /user-profile.php. The manipulation of the argument fullname/contactnumber leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
SQL Injection in PHPGurukul Daily Expense Tracker v1.1 /dets/add-expense.php
CVE-2025-25351
9.8 - Critical
- February 12, 2025
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter.
SQL Injection
SQLi in PHPGurukul Daily Expense Tracker 1.1 via costitem param
CVE-2025-25349
9.8 - Critical
- February 12, 2025
PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter.
SQL Injection
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS
CVE-2021-26303
6.1 - Medium
- January 29, 2021
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field.
XSS
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS
CVE-2021-26304
5.4 - Medium
- January 29, 2021
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter.
XSS
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection
CVE-2020-10106
9.8 - Critical
- March 05, 2020
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. The SQL injection allows to dump the MySQL database and to bypass the login prompt.
SQL Injection
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS
CVE-2020-10107
5.4 - Medium
- March 05, 2020
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for PHPGurukul Daily Expense Tracker System or by PHPGurukul? Click the Watch button to subscribe.
