Skip to main content

Daily Habit Tracker

5 CVEs product

Monthly

CVE-2024-2075 MEDIUM POC This Month

A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Daily Habit Tracker
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-24496 CRITICAL POC THREAT Act Now

An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Daily Habit Tracker
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
19.5%
CVE-2024-24495 CRITICAL POC Act Now

SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP RCE Daily Habit Tracker
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-24494 MEDIUM POC THREAT This Month

Cross Site Scripting vulnerability in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via the day, exercise, pray, read_book, vitamins, laundry, alcohol and meat. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS Daily Habit Tracker
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
25.9%
CVE-2024-24140 HIGH POC This Week

Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Daily Habit Tracker
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A vulnerability was found in SourceCodester Daily Habit Tracker 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Daily Habit Tracker
NVD GitHub VulDB
EPSS 20% CVSS 9.8
CRITICAL POC THREAT Act Now

An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Daily Habit Tracker
NVD GitHub Exploit-DB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP RCE +1
NVD GitHub Exploit-DB
EPSS 26% CVSS 6.1
MEDIUM POC THREAT This Month

Cross Site Scripting vulnerability in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via the day, exercise, pray, read_book, vitamins, laundry, alcohol and meat. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP XSS +1
NVD GitHub Exploit-DB
EPSS 1% CVSS 7.2
HIGH POC This Week

Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.'. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Daily Habit Tracker
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy