CVE-2023-38873 - Clickjacking Vulnerability in Economizzer (Commit 373088 and v.9-beta1)
Clickjacking, also called "UI redress attack," is one of those web vulnerabilities that looks simple—but can cost you dearly if left unchecked.
CVE-2023-38872 - How an IDOR Vulnerability in Economizzer Let Attackers Access Your Attachments
CVE-2023-38872 is a security vulnerability found in Economizzer, a popular open-source cash flow manager. The issue, known as an Insecure Direct Object
CVE-2023-38874 - Remote Code Execution in Economizzer via Insecure File Upload (Exclusive Deep Dive)
A serious security vulnerability has been discovered in Economizzer, an open-source web-based personal finance manager. The issue, tracked as CVE-2023-38874, affects
CVE-2023-38870 - SQL Injection Vulnerability in Economizzer’s Cash Book (Analysis, Code, Exploit)
---
TL;DR
Economizzer, an open-source financial management app, contains a serious SQL Injection vulnerability in its cash book feature. Specifically, the category_id parameter
Episode
00:00:00
00:00:00