| 标题 | PHPGurukul Daily Expense Tracker System 1.1 SQL Injection |
|---|
| 描述 | A SQL injection vulnerability was identified within the "/expense-monthwise-reports-detailed.php" file of the "Daily Expense Tracker System" project. The root cause lies in the fact that attackers can inject malicious code via the parameter "todate". |
|---|
| 来源 | ⚠️ https://github.com/f1rstb100d/myCVE/issues/24 |
|---|
| 用户 | Anonymous User |
|---|
| 提交 | 2025-05-16 11時24分 (1 年前) |
|---|
| 管理 | 2025-05-18 08時31分 (2 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 309487 [PHPGurukul Daily Expense Tracker System 1.1 expense-monthwise-reports-detailed.php fromdate/todate SQL注入] |
|---|
| 积分 | 16 |
|---|