Lucene search
+L

31 matches found

cnvd
cnvd
added 2022/09/27 12:0 a.m.15 views

Online Banking System SQL Injection Vulnerability (CNVD-2022-68373)

Online Banking System is an online banking system developed using PHP and MySQL. v1.0 of Online Banking System contains a security vulnerability that originates in the searchterm parameter in the /net-banking/transactions.php location. injection issue in the searchterm parameter at...

9.8CVSS1.7AI score0.00819EPSS
Exploits1References1
osv
osv
added 2022/09/23 10:15 p.m.6 views

CVE-2022-40114

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/editcustomer.php...

9.8CVSS5.8AI score0.00819EPSS
Exploits1References2
nvd
nvd
added 2022/09/23 10:15 p.m.25 views

CVE-2022-40118

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/sendfundsaction.php...

9.8CVSS0.00819EPSS
Exploits1References2
osv
osv
added 2022/09/23 10:15 p.m.3 views

CVE-2022-40113

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/sendfunds.php...

9.8CVSS5.8AI score0.00819EPSS
Exploits1References2
osv
osv
added 2022/09/23 10:15 p.m.3 views

CVE-2022-40121

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/managecustomers.php...

9.8CVSS5.8AI score0.00819EPSS
Exploits1References2
osv
osv
added 2022/09/23 10:15 p.m.4 views

CVE-2022-40120

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/customertransactions.php...

9.8CVSS5.8AI score
Exploits0References2
osv
osv
added 2022/09/23 10:15 p.m.5 views

CVE-2022-40122

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/editcustomeraction.php...

9.8CVSS5.8AI score0.00819EPSS
Exploits1References2
osv
osv
added 2022/09/23 10:15 p.m.4 views

CVE-2022-40116

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the search parameter at /net-banking/beneficiary.php...

9.8CVSS5.8AI score0.00819EPSS
Exploits1References2
osv
osv
added 2022/09/23 10:15 p.m.3 views

CVE-2022-40119

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the searchterm parameter at /net-banking/transactions.php...

9.8CVSS5.8AI score0.00819EPSS
Exploits1References2
prion
prion
added 2022/09/23 10:15 p.m.15 views

Sql injection

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/sendfundsaction.php...

7.5CVSS9.7AI score0.00819EPSS
Exploits1References2Affected Software1
prion
prion
added 2022/09/23 10:15 p.m.15 views

Sql injection

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/deletebeneficiary.php...

7.5CVSS9.7AI score0.00819EPSS
Exploits1References2Affected Software1
cve
cve
added 2022/09/23 9:16 p.m.58 views

CVE-2022-40120

CVE-2022-40120 affects Online Banking System v1.0. The vulnerability is a SQL injection in the search_term parameter of /net-banking/customer_transactions.php. Root cause: unsanitized input used in SQL queries. Impact (per CVSS v3.1): Confidentiality HIGH, Integrity HIGH, Availability HIGH (score...

9.8CVSS9.8AI score0.00819EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2022/09/23 9:16 p.m.27 views

CVE-2022-40118

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/sendfundsaction.php...

10AI score0.00819EPSS
Exploits1References2
cve
cve
added 2022/09/23 9:16 p.m.54 views

CVE-2022-40119

Online Banking System v1.0 contains an SQL injection vulnerability in the search_term parameter of /net-banking/transactions.php. The underlying issue is unsanitized user input leading to potential disclosure/integrity/availability impact (CVSS v3.1 base score 9.8, CRITICAL). Exploitation details...

9.8CVSS9.8AI score0.00819EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2022/09/23 9:16 p.m.21 views

CVE-2022-40117

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/deletecustomer.php...

10AI score0.00819EPSS
Exploits1References2
cve
cve
added 2022/09/23 9:16 p.m.63 views

CVE-2022-40117

CVE-2022-40117 affects Online Banking System v1.0, with a SQL injection in the cust_id parameter of /net-banking/delete_customer.php. Root cause: unsafe SQL handling in PHP/MySQL leads to potential unauthorized data access/modification. Impact per metrics: base CVSS 3.1 score 9.8 (CRITICAL); atta...

9.8CVSS9.8AI score0.00819EPSS
Exploits1References2Affected Software1
cve
cve
added 2022/09/23 9:16 p.m.54 views

CVE-2022-40116

CVE-2022-40116 affects Online Banking System v1.0. The vulnerability is a SQL injection in the search parameter of /net-banking/beneficiary.php, arising from improper input handling. CVSSv3.1 indicates NETWORK attack vector, no authentication, with 0 user interaction and high impacts to confident...

9.8CVSS9.8AI score0.00819EPSS
Exploits1References2Affected Software1
cve
cve
added 2022/09/23 9:16 p.m.60 views

CVE-2022-40115

CVE-2022-40115 affects Online Banking System v1.0, with a SQL injection vulnerability in /net-banking/delete_beneficiary.php via the cust_id parameter. The CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8; CRITICAL). Exploitation requires network access, no user interaction...

9.8CVSS9.8AI score0.00819EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2022/09/23 9:16 p.m.31 views

CVE-2022-40114

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/editcustomer.php...

10AI score0.00819EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2022/09/23 9:16 p.m.4 views

CVE-2022-40114

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the custid parameter at /net-banking/editcustomer.php...

9.8AI score0.00819EPSS
Exploits1References2
Rows per page
Query Builder