CVE-2025-13276
HIGHDescription
A vulnerability was detected in g33kyrash Online-Banking-System up to 12dbfa690e5af649fb72d2e5d3674e88d6743455. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument Username results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Is your site exposed to CVE-2025-13276?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-13276? +
How severe is CVE-2025-13276? +
How do I check if I'm vulnerable to CVE-2025-13276? +
Related Vulnerabilities
An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated …
Froxlor is open source server administration software. In version 2.3.6 and earlier, the LOC record regex uses `\s+` which matches …
Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote …
Integrated Scripting is a tool for creating scripts for handling complex operations in Integrated Dynamics. Minecraft users who use Integrated …
Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.
Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web …