Code-Projects Daily Expense Manager vulnerabilities
4 known vulnerabilities affecting code-projects/daily_expense_manager.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-40732HIGHCVSS 8.7v1.02025-06-30
CVE-2025-40732 [HIGH] CWE-203 CVE-2025-40732: user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST r
user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php
nvd
CVE-2025-40731HIGHCVSS 8.7v1.02025-06-30
CVE-2025-40731 [HIGH] CWE-89 CVE-2025-40731: SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to
SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.
nvd
CVE-2025-40733MEDIUMCVSS 5.1v1.02025-06-30
CVE-2025-40733 [MEDIUM] CWE-79 CVE-2025-40733: Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php.
nvd
CVE-2025-40734MEDIUMCVSS 5.1v1.02025-06-30
CVE-2025-40734 [MEDIUM] CWE-79 CVE-2025-40734: Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php.
nvd