Vulnerabilities > Remyandrade > Daily Habit Tracker
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2024-24494 | Cross-site Scripting vulnerability in Remyandrade Daily Habit Tracker 1.0 Cross Site Scripting vulnerability in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via the day, exercise, pray, read_book, vitamins, laundry, alcohol and meat parameters in the add-tracker.php and update-tracker.php components. | 6.1 |
| 2024-02-08 | CVE-2024-24495 | SQL Injection vulnerability in Remyandrade Daily Habit Tracker 1.0 SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request. | 9.8 |
| 2024-02-08 | CVE-2024-24496 | Improper Authentication vulnerability in Remyandrade Daily Habit Tracker 1.0 An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components. | 9.8 |
| 2024-01-29 | CVE-2024-24140 | SQL Injection vulnerability in Remyandrade Daily Habit Tracker 1.0 Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' | 7.2 |