CVE-2023-38870

Published September 28th, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECTS

Description

A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. The cash book has a feature to list accomplishments by category, and the 'category_id' parameter is vulnerable to SQL Injection.

dub-flow/vulnerability-research

This repository contains information on the CVEs I found.

GitHub

gugoan/economizzer

Open Source Personal Finance Manager

GitHub

497