Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-44098 | 1 Egavilanmedia | 1 Expense Management System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database. | |||||
| CVE-2020-35395 | 1 Egavilanmedia | 1 Expense Management System | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS in the Add Expense Component of EGavilan Media Expense Management System 1.0 allows an attacker to permanently store malicious JavaScript code via the 'description' field | |||||