exploitDog

GHSA-v3h2-63cj-q48p

Опубликовано: 30 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 9.8

Описание

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

8.7 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-40731

CVSS3: 9.8

nvd

7 месяцев назад

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in /update.php.

EPSS

Процентиль: 11%

0.00038

Низкий

8.7 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89