CNNVD-202506-3745 Information

CNNVD ID

CNNVD-202506-3745

Related CVE

CVE-2025-40733

• CNNVD Published: 2025-06-30

Description (Chinese)

Code-Projects Daily Expense Manager是Code-Projects开源的一个日常开支管理系统。 Code-Projects Daily Expense Manager 1.0版本存在跨站脚本漏洞，该漏洞源于文件/login.php中参数username未经验证，可能导致反射型跨站脚本攻击。

Description (English)

Code-Projects Daily Expresse Manager is a day-to-day expenditure management system that is open to Code-Projects. The Code-Project Daily Express Manager 1.0 has a cross-site script loophole, which stems from the unverified username of the parameter in the document/login.php and may result in a reflector-type cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Code-Projects

Published

2025-06-30

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager