2 matches found
CVE-2023-5699
CVE-2023-5699 : CodeAstro Internet Banking System 1.0 contains a cross-site scripting (XSS) issue in the pages_view_client.php file. The vulnerability arises from unsafely handling the acc_name parameter, where crafted input (e.g., Johnnie Reyes'"()&%) can lead to script execution in a victim’s b...
Sql injection
A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pagesresetpwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...