NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-41618

Summary	Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the `transaction_delete_group` function. The vulnerability is due to improper sanitization of user input in the `TrDeleteArr` parameter, which is directly incorporated into an SQL query.
Publication Date	Oct. 25, 2024, 7:15 a.m.
Registration Date	Oct. 25, 2024, noon
Last Update	Oct. 30, 2024, 2:35 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/moneymanagerex/web-money-manager-ex/issues/51
2	https://www.youtube.com/watch?v=JaOrlT9G3yo
3	https://github.com/moneymanagerex/web-money-manager-ex/commit/f2850b295ee21bc299799343a3bc4d004d05651d
4	https://github.com/moneymanagerex/web-money-manager-ex/releases/tag/v1.2.3

Common Vulnerabilities List