Lucene search

Daily Habit Tracker Security Vulnerabilities

cve

CVE-2024-2075

A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/update-tracker.php. The manipulation of the argument day leads to cross site scripting. The attack can be launch...

3.5CVSS

4AI Score

0.0004EPSS

2024-03-01 06:15 PM

cve

CVE-2024-24140

Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'

7.2CVSS

7.5AI Score

0.001EPSS

2024-01-29 08:15 PM

cve

CVE-2024-24494

Cross Site Scripting vulnerability in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via the day, exercise, pray, read_book, vitamins, laundry, alcohol and meat parameters in the add-tracker.php and update-tracker.php components.

6.1CVSS

7.2AI Score

0.002EPSS

2024-02-08 09:15 PM

cve

CVE-2024-24495

SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request.

9.8CVSS

9.8AI Score

0.003EPSS

2024-02-08 09:15 PM

cve

CVE-2024-24496

An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components.

9.8CVSS

9.3AI Score

0.006EPSS

2024-02-08 09:15 PM