PT-2025-34741 · Sourcecodester · Online Bank Management System
Yu Bao · Published 2025-08-26 · Updated 2025-08-26 · CVE-2025-9473
7.5 High
Base vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions:
SourceCodester Online Bank Management System version 1.0
Description:
A security issue exists in SourceCodester Online Bank Management System 1.0. The vulnerability is located in the `/feedback.php` file, within an unknown function. Manipulation of the `msg` argument can lead to SQL injection. The exploit has been publicly disclosed and may be used for remote attacks.
Recommendations:
As a temporary workaround, consider restricting access to the `/feedback.php` file until a patch is available.
Sanitize the `msg` argument to prevent SQL injection attacks.
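One way to apply the second recommendation, shown as an added example that is not the application's own code: the `msg` value is validated and then bound as a parameter of a prepared statement, so it is always handled as data. The POST method, the `feedback` table and its `message` column, the 2000-byte limit and the connection values are assumptions, because the page does not show the source of `/feedback.php`.

```php
<?php
// Added example: hypothetical handler for the `msg` argument.
// Table/column names, the length limit and credentials are placeholders.
declare(strict_types=1);

// Make mysqli throw exceptions instead of returning false on errors.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function save_feedback(mysqli $db, string $msg): void
{
    // Pattern to avoid: building the statement by concatenation, e.g.
    //   "INSERT INTO feedback (message) VALUES ('" . $msg . "')"
    // which lets characters in $msg change the structure of the query.

    // Input validation is defence in depth, not the primary control.
    $msg = trim($msg);
    if ($msg === '' || strlen($msg) > 2000) {
        throw new InvalidArgumentException('msg must be 1 to 2000 bytes');
    }

    // Primary control: the statement text is fixed and $msg is bound
    // as a string parameter, so it is never parsed as SQL.
    $stmt = $db->prepare('INSERT INTO feedback (message) VALUES (?)');
    $stmt->bind_param('s', $msg);
    $stmt->execute();
    $stmt->close();
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $msg = $_POST['msg'] ?? '';
    try {
        if (!is_string($msg)) {   // reject msg[]=... array input
            throw new InvalidArgumentException('msg must be a string');
        }
        $db = new mysqli('localhost', 'app_user', 'app_password', 'bank_db');
        $db->set_charset('utf8mb4');
        save_feedback($db, $msg);
        echo 'Feedback saved.';
    } catch (InvalidArgumentException $e) {
        http_response_code(400);
        echo 'Invalid feedback.';
    } catch (mysqli_sql_exception $e) {
        // Log details server-side; do not echo database errors to clients.
        error_log($e->getMessage());
        http_response_code(500);
        echo 'Could not save feedback.';
    }
}
```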
Special Elements Injection
SQL injection