A vulnerability was found in Simple Expense Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete_category.php. The manipulation of the argument category leads to sql injection.
This vulnerability is traded as CVE-2024-25211. The attack needs to be initiated within the local network. There is no exploit available.