CVE-2025-40734

Medium CVSS: 5.1

Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php.

Vendor

Code-projects

Product

Daily Expense Manager

CWE

CWE-79

Yayın Tarihi

2025-06-30 09:15:25

Güncelleme

2025-07-07 18:17:48

Source Identifier

cve-coordination@incibe.es

KEV Date Added

Kategoriler

CWE-79 Daily Expense Manager MEDIUM Code-projects 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager

Benzer Kayıtlar

Medium

CVE-2026-5256

A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /m…

Medium

CVE-2026-5257

A vulnerability has been found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of…

Medium

CVE-2026-5255

A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delst…

Medium

CVE-2026-5106

A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file…

Medium

CVE-2026-4908

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the…

Medium

CVE-2026-4849

A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file…