VYPR
Unrated severityNVD Advisory· Published Aug 6, 2022· Updated Apr 15, 2025

SourceCodester Expense Management System POST Parameter report.php fetch_report_credit sql injection

CVE-2022-2688

Description

A vulnerability was found in SourceCodester Expense Management System. It has been rated as critical. This issue affects the function fetch_report_credit of the file report.php of the component POST Parameter Handler. The manipulation of the argument from/to leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-205811.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.