← Back

Expense Management System

expense_management_system

Vendor: Projectworlds • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-12231
1Projectworlds
1Expense Management System
Apr 29, 2026
Oct 27, 2025
1.9 LOW· v4
4.8 MEDIUM· v3
3.3 LOW· v2
A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expense_categories/create of the component Expense Categories Page. Suc...Show more
A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expense_categories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.Show less
CVE-2025-12230
1Projectworlds
1Expense Management System
Apr 29, 2026
Oct 27, 2025
1.9 LOW· v4
4.8 MEDIUM· v3
3.3 LOW· v2
A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross s...Show more
A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.Show less
CVE-2025-12229
1Projectworlds
1Expense Management System
Apr 29, 2026
Oct 27, 2025
1.9 LOW· v4
4.8 MEDIUM· v3
3.3 LOW· v2
A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross s...Show more
A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.Show less
CVE-2025-12228
1Projectworlds
1Expense Management System
Apr 29, 2026
Oct 27, 2025
1.9 LOW· v4
4.8 MEDIUM· v3
3.3 LOW· v2
A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cro...Show more
A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.Show less