Sourcecodester Earnings And Expense Tracker App vulnerabilities

5 known vulnerabilities affecting sourcecodester/earnings_and_expense_tracker_app.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2023-1858HIGHCVSS 7.5v1.02023-04-05
CVE-2023-1858 [MEDIUM] CWE-200 CVE-2023-1858: A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classi A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument page leads to information disclosure. It is possible to initiate the attack remotely. The identifier VDB-224997 was assigned to this vulnerability.
cvelistv5nvd
CVE-2023-1785CRITICALCVSS 9.8v1.02023-03-31
CVE-2023-1785 [MEDIUM] CWE-89 CVE-2023-1785: A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classi A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as critical. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-224700.
cvelistv5nvd
CVE-2023-1690MEDIUMCVSS 6.1v1.02023-03-29
CVE-2023-1690 [LOW] CWE-79 CVE-2023-1690: A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings and A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings and Expense Tracker App 1.0. This issue affects some unknown processing of the file LoginRegistration.php?a=register_user. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-224309 wa
cvelistv5nvd
CVE-2023-1689MEDIUMCVSS 6.1v1.02023-03-29
CVE-2023-1689 [LOW] CWE-79 CVE-2023-1689: A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker A A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker App 1.0. This vulnerability affects unknown code of the file Master.php?a=save_earning. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-224308.
cvelistv5nvd
CVE-2023-1688MEDIUMCVSS 6.1v1.02023-03-29
CVE-2023-1688 [LOW] CWE-79 CVE-2023-1688: A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Trac A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense Tracker App 1.0. This affects an unknown part of the file Master.php?a=save_expense. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-2243
cvelistv5nvd