CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-9473 – SourceCodester Online Bank Management System feedback.php sql injection
https://notcve.org/view.php?id=CVE-2025-9473
26 Aug 2025 — A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. • https://vuldb.com/?id.321342 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-9305 – SourceCodester Online Bank Management System mnotice.php sql injection
https://notcve.org/view.php?id=CVE-2025-9305
21 Aug 2025 — A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. • https://vuldb.com/?id.320910 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-9304 – SourceCodester Online Bank Management System show.php sql injection
https://notcve.org/view.php?id=CVE-2025-9304
21 Aug 2025 — A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited. • https://vuldb.com/?id.320909 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-9022 – SourceCodester Online Bank Management System statements.php sql injection
https://notcve.org/view.php?id=CVE-2025-9022
15 Aug 2025 — A vulnerability was identified in SourceCodester Online Bank Management System up to 1.0. This issue affects some unknown processing of the file /bank/statements.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. Dies betrifft einen unbekannten Teil der Datei /bank/statements.php. • https://vuldb.com/?id.320087 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-9021 – SourceCodester Online Bank Management System transfer.php sql injection
https://notcve.org/view.php?id=CVE-2025-9021
15 Aug 2025 — A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. Das betrifft eine unbekannte Funktionalität der Datei /bank/transfer.php. • https://vuldb.com/?id.320086 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2024-8583 – SourceCodester Online Bank Management System Feedback mfeedback.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-8583
08 Sep 2024 — A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0. It has been classified as problematic. This affects an unknown part of the file /mfeedback.php of the component Feedback Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/Niu-zida/cve/blob/main/Storage-optimized%20Cross-site%20scripting%20vulnerability.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •