Egavilanmedia Expense Management System — known CVE vulnerabilities
Every CVE whose affected-product data names Egavilanmedia Expense Management System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-44098 — CVSS 9.8 (critical): EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to…
CVE-2020-35395 — CVSS 6.1 (medium): XSS in the Add Expense Component of EGavilan Media Expense Management System 1.0 allows an attacker to permanently store malicious…