Vulnerabilities > Banking System Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-30	CVE-2022-26644	Cross-site Scripting vulnerability in Banking System Project Banking System 1.0 Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management. network low complexity banking-system-project CWE-79	6.1
2022-03-30	CVE-2022-26645	Unrestricted Upload of File with Dangerous Type vulnerability in Banking System Project Banking System 1.0 A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function. network low complexity banking-system-project CWE-434 critical	9.8
2022-03-30	CVE-2022-26646	Unspecified vulnerability in Banking System Project Banking System 1.0 Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter. network low complexity banking-system-project critical	9.8
2022-01-24	CVE-2021-41659	SQL Injection vulnerability in Banking System Project Banking System 1.0 SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field. network low complexity banking-system-project CWE-89 critical	9.8

Vulnerabilities > Banking System Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Banking System Project"}]}