Banking System Project: Security Vulnerabilities
Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-30
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.
CVSS Score
9.8
EPSS Score
0.03
Published
2022-03-30
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-30
SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-01-24