Vulnerabilities > Rems > Simple Expense Tracker APP > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2024-25211 SQL Injection vulnerability in Rems Simple Expense Tracker APP 1.0
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/delete_category.php.
network
low complexity
rems CWE-89
critical
9.8
2024-02-14 CVE-2024-25210 SQL Injection vulnerability in Rems Simple Expense Tracker APP 1.0
Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/delete_expense.php.
network
low complexity
rems CWE-89
critical
9.8