CVE-2025-40732
BaseFortify
Publication date: 2025-06-30
Last updated on: 2025-07-07
Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| code-projects | daily_expense_manager | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-203 | The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-40732 is a user enumeration vulnerability in Daily Expense Manager version 1.0. It can be exploited by sending a POST request to the /check.php endpoint using the 'name' parameter. This vulnerability allows an attacker to determine whether specific usernames exist in the system by observing differences in the application's responses. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to discover valid usernames in the Daily Expense Manager application without any privileges or user interaction. Knowing valid usernames can facilitate further attacks such as password guessing, phishing, or targeted exploitation, potentially leading to unauthorized access or data compromise. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This user enumeration vulnerability in Daily Expense Manager v1.0 can be detected by sending POST requests to the /check.php endpoint with different values in the 'name' parameter and observing the responses for discrepancies that reveal valid usernames. For example, using curl commands to test different usernames and comparing response differences can help detect the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
No official solutions or patches have been reported at this time. Immediate mitigation steps include restricting access to the /check.php endpoint, implementing rate limiting to prevent automated enumeration, monitoring logs for suspicious POST requests to /check.php, and applying web application firewall (WAF) rules to block or alert on suspicious activity targeting the 'name' parameter. [1]