CVE-2025-40731 Information

Description

SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve create update and delete databases through the pname pprice and id parameters in /update.php.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-daily-expense-manager

Related CNNVD

CNNVD-202506-3740 (Published: 2025-06-30)