CVE-2025-40731

CWE-89SQL Injection3 documents3 sources
Severity
8.7HIGH
EPSS
0.1%
top 81.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Daily Expense Manager Daily Expense ManagerCode-projects Daily Expense Manager
Timeline
PublishedJun 30

Description

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SQL injection vulnerability in Daily Expense Manager2025-06-30
GHSA
GHSA-v3h2-63cj-q48p: SQL injection vulnerability in Daily Expense Manager v12025-06-30
CVE-2025-40731 (HIGH CVSS 8.7) | SQL injection vulnerability in Dail | cvebase.io