Submit #631862: https://www.sourcecodester.com/php/15373 online-banking-management-system 1.0 SQL Injectioninfo

Titlehttps://www.sourcecodester.com/php/15373 online-banking-management-system 1.0 SQL Injection
DescriptionNo authentication is required. Directly access the file bank/statements.php, capture the data packet, and modify it to be sent via the POST method. The POST request should carry the parameter "email",”userLogin”,”password”. You can use the SQLMAP tool to verify the vulnerability; the parameter "email" has a SQL injection vulnerability, through which sensitive database information can be obtained.
Source⚠️ http://127.0.0.1/bank/statements.php
User
 firewall (UID 88901)
Submission08/11/2025 12:22 (10 months ago)
Moderation08/14/2025 09:05 (3 days later)
StatusAccepted
VulDB entry320087 [SourceCodester Online Bank Management System up to 1.0 /bank/statements.php email sql injection]
Points20

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!