SQL Injection Vulnerability in SourceCodester Online Bank Management System
CVE-2025-9022
6.9 MEDIUM
Key Information:
- Vendor: Sourcecodester
- CVE Published: 15 August 2025
What is CVE-2025-9022?
A vulnerability in the SourceCodester Online Bank Management System allows for SQL injection through improper handling of user input in the /bank/statements.php file. By manipulating the email argument, attackers can execute arbitrary SQL code remotely, potentially accessing sensitive information from the database. This weakness poses significant risks for users and database integrity, necessitating immediate attention and remediation.
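The fix for this class of flaw is to keep the email value out of the SQL text entirely. The following is an added example, not the application's own code: it uses PDO with an in-memory SQLite database as a stand-in, and the table, column and function names are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed stand-in database; the table and column names are assumptions.
function open_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE statements (email TEXT, posted_on TEXT, amount REAL)');
    $insert = $pdo->prepare('INSERT INTO statements VALUES (?, ?, ?)');
    $rows = [
        ['alice@example.com', '2025-08-01', 120.50],
        ['alice@example.com', '2025-08-03', -40.00],
        ['bob@example.com', '2025-08-02', 75.00],
    ];
    foreach ($rows as $row) {
        $insert->execute($row);
    }
    return $pdo;
}

// Hypothetical replacement for a lookup keyed on the request's email argument.
function statements_for(PDO $pdo, mixed $rawEmail): array
{
    // Arrays (email[]=...) and oversized values are rejected before any query runs.
    if (!is_string($rawEmail) || strlen($rawEmail) > 254) {
        return [];
    }
    if (filter_var($rawEmail, FILTER_VALIDATE_EMAIL) === false) {
        return [];
    }
    // The SQL text is constant; the value travels separately as a bound parameter.
    $stmt = $pdo->prepare(
        'SELECT posted_on, amount FROM statements WHERE email = :email ORDER BY posted_on'
    );
    $stmt->execute([':email' => $rawEmail]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = open_demo_db();
// Constructed inputs: a known address, one containing a quote character,
// a malformed string, and a non-string value.
$inputs = ['alice@example.com', "o'brien@example.com", 'not-an-email', ['alice@example.com']];
foreach ($inputs as $input) {
    printf("%-24s %d row(s)\n", json_encode($input), count(statements_for($pdo, $input)));
}
```

Only the first input returns rows. Format validation narrows what reaches the query, but the bound parameter is what prevents the value from being parsed as SQL.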
Affected Version(s)
Online Bank Management System 1.0