CNNVD-202506-3746 Information
Jun 30, 2025
cve
CNNVD ID
CNNVD-202506-3746
Related CVE
- CNNVD Published: 2025-06-30
Description (Chinese)
Code-Projects Daily Expense Manager是Code-Projects开源的一个日常开支管理系统。 Code-Projects Daily Expense Manager 1.0版本存在跨站脚本漏洞,该漏洞源于文件/register.php中参数password和confirm_password未经验证,可能导致反射型跨站脚本攻击。
Description (English)
Code-Projects Daily Expresse Manager is a day-to-day expenditure management system that is open to Code-Projects. Version 1.0 of Code-Project Daily Express Manager contains a cross-site script loophole, which stems from the unverified password and confirm password of the parameters in the document/register.php, which may result in a cross-posteric attack.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Code-Projects
Published
2025-06-30
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager
Share on: