erik-451/CVE

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-26644 ↗	Mar 30, 2022Wednesday, 30 March 2022, 23:15	6.1 MEDIUM	4.3 MEDIUM
Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management.
CVE-2022-26645 ↗	Mar 30, 2022Wednesday, 30 March 2022, 23:15	9.8 CRITICAL	7.5 HIGH
A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function.
CVE-2022-26646 ↗	Mar 30, 2022Wednesday, 30 March 2022, 23:15	9.8 CRITICAL	7.5 HIGH
Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.