CVE-2024-41618

Published: 2024-10-24T22:15Z

Last Modified: 2024-10-29T17:35Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the `transaction_delete_group` function. The vulnerability is due to improper sanitization of user input in the `TrDeleteArr` parameter, which is directly incorporated into an SQL query. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt