CVE-2025-9021

Опубликовано: 15 авг. 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely.

Ссылки

https://vuldb.com/?ctiid.320086
Permissions Required
VDB Entry
https://vuldb.com/?id.320086
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.631861
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:online_bank_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00033

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-cmvv-cx7w-wphp

CVSS3: 7.3

github

9 дней назад

EPSS

Процентиль: 7%

0.00033

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74