62 matches found
EUVD-2025-11480
Malicious code in bioql PyPI...
EUVD-2025-10508
Malicious code in bioql PyPI...
CVE-2024-56924
A Cross Site Request Forgery CSRF vulnerability in Code Astro Internet banking system 2.0.0 allows remote attackers to execute arbitrary JavaScript on the admin page pagesaccount, potentially leading to unauthorized actions such as changing account settings or stealing sensitive user information...
CVE-2023-5693
A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pagesresetpwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2023-5699
A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pagesviewclient.php. The manipulation of the argument accname with the input Johnnie Reyes'"&% leads to cross site scripting. The...
CVE-2023-5698
A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. This vulnerability affects unknown code of the file pagesdepositmoney.php. The manipulation of the argument accountnumber with the input 421873905--alert9523...
CVE-2025-29015
Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting XSS via the name parameter in /admin/pagesaccount.php...
CVE-2025-29015
Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting XSS via the name parameter in /admin/pagesaccount.php...
CVE-2025-29015
Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting XSS via the name parameter in /admin/pagesaccount.php...
CVE-2025-29015
CVE-2025-29015 affects Code Astro Internet Banking System 2.0.0. The vulnerability is an Cross Site Scripting (XSS) flaw that can be triggered via the name parameter in /admin/pages_account.php, allowing script injection. The issue is documented with CVSS v3.1 base metrics: AV:N/AC:L/PR:N/UI:R/S:...
CVE-2025-29017
A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...
CVE-2025-29018
A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...
CVE-2025-29017
A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...
CVE-2025-29017
A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...
CVE-2025-29017
A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...
PT-2025-15988 · Unknown · Codeastro Internet Banking System
Name of the Vulnerable Software and Affected Versions: Code Astro Internet Banking System version 2.0.0 Description: A Remote Code Execution RCE vulnerability exists due to improper file upload validation in the profile pic parameter within pages view client.php. Recommendations: Code Astro...
CVE-2025-29017
Code Astro Internet Banking System 2.0.0 is reported vulnerable via the profile_pic parameter in pages_view_client.php due to improper file upload validation, allowing an attacker to upload a malicious PHP file and achieve Remote Code Execution (RCE). The linked exploit/documentation describes by...
CVE-2025-29018
A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...
CVE-2025-29018
A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...
CVE-2025-29018
CVE-2025-29018 affects Code Astro Internet Banking System 2.0.0. The vulnerability is a Stored Cross-Site Scripting (XSS) in the name parameter of pages_add_acc_type.php. Core details: vulnerable component is the PHP page handler and the issue arises from unsanitized/reflective input in the name ...