Submit #570814: phpgurukul Daily Expense Tracker v1.1 SQL Injectioninfo

Titlephpgurukul Daily Expense Tracker v1.1 SQL Injection
DescriptionDuring the security assessment of "Daily Expense Tracker", I detected a critical SQL injection vulnerability in the "/register.php" file. This vulnerability is attributed to the insufficient validation of user input for the "email" parameter. This inadequacy enables attackers to inject malicious SQL queries. Consequently, attackers can access the database without proper authorization, modify or delete data, and obtain sensitive information. Immediate corrective actions are essential to safeguard system security and uphold data integrity.
Source⚠️ https://github.com/bleakTS/myCVE/issues/4
User
 QKset (UID 84286)
Submission05/04/2025 00:06 (11 months ago)
Moderation05/15/2025 09:31 (11 days later)
StatusAccepted
VulDB entry309038 [PHPGurukul Daily Expense Tracker 1.1 /register.php email sql injection]
Points20

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!