Vulnerabilities > Banking System Project

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2022-26644 Cross-site Scripting vulnerability in Banking System Project Banking System 1.0
Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management.
4.3
2022-03-30 CVE-2022-26645 Unrestricted Upload of File with Dangerous Type vulnerability in Banking System Project Banking System 1.0
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.
network
low complexity
banking-system-project CWE-434
7.5
2022-03-30 CVE-2022-26646 Unspecified vulnerability in Banking System Project Banking System 1.0
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.
network
low complexity
banking-system-project
7.5
2022-01-24 CVE-2021-41659 SQL Injection vulnerability in Banking System Project Banking System 1.0
SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field.
network
low complexity
banking-system-project CWE-89
7.5