Filtered by vendor Moneymanagerex
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-41618 | 1 Moneymanagerex | 1 Money Manager Ex Webapp | 2024-10-29 | 9.8 Critical |
| Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the `transaction_delete_group` function. The vulnerability is due to improper sanitization of user input in the `TrDeleteArr` parameter, which is directly incorporated into an SQL query. | ||||
| CVE-2024-41617 | 1 Moneymanagerex | 1 Money Manager Ex Webapp | 2024-10-29 | 9.8 Critical |
| Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control. The `redirect_if_not_loggedin` function in `functions_security.php` fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary files, potentially leading to Remote Code Execution. | ||||
Page 1 of 1.