Simple E Banking System
Monthly
Reflected cross-site scripting (XSS) in Simple E-Banking System 1.0 allows remote attackers to inject malicious scripts via the Username parameter in /eBank/register.php. The vulnerability requires user interaction (clicking a malicious link) but has low impact on confidentiality and integrity. Publicly available exploit code exists, though EPSS scoring (0.03%, 10th percentile) suggests limited real-world exploitation despite XSS being a common attack vector.
A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Reflected cross-site scripting (XSS) in Simple E-Banking System 1.0 allows remote attackers to inject malicious scripts via the Username parameter in /eBank/register.php. The vulnerability requires user interaction (clicking a malicious link) but has low impact on confidentiality and integrity. Publicly available exploit code exists, though EPSS scoring (0.03%, 10th percentile) suggests limited real-world exploitation despite XSS being a common attack vector.
A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component POST Parameter Handler. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.