Vulnerabilities > Phpgurukul > Daily Expense Tracker System > 1.1

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-12	CVE-2025-25349	SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.1 PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter. network low complexity phpgurukul CWE-89 critical	9.8
2025-02-12	CVE-2025-25351	SQL Injection vulnerability in PHPgurukul Daily Expense Tracker System 1.1 PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter. network low complexity phpgurukul CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.