Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search_term parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities at /staff_login.php via the Staff ID and Staff Password...
6.5CVSS
7AI Score
0.001EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the id...
9.8CVSS
9.7AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via...
9.8CVSS
9.7AI Score
0.002EPSS
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via...
9.8CVSS
9.8AI Score
0.002EPSS
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller....
7.5CVSS
7.1AI Score
0.004EPSS
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser...
7.5CVSS
8.3AI Score
0.003EPSS
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary...
9.8CVSS
9.5AI Score
0.874EPSS
Multiple cross-site scripting (XSS) vulnerabilities in login.php in NexorONE Online Banking allow remote attackers to inject arbitrary web script or HTML via the (1) visitor_language parameter to register.php or (2) message...
5.9AI Score
0.004EPSS
PHP remote file inclusion vulnerability in index.php in W2B Online Banking allows remote attackers to execute arbitrary PHP code via a URL in the ilang...
7.5AI Score
0.027EPSS
Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to...
8.5AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than...
5.6AI Score
0.007EPSS
Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang...
5.6AI Score
0.007EPSS
The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing"...
6.8AI Score
0.002EPSS