CVE-2023-54163

HIGH

NLB mKlik Makedonija 3.3.12 - SQL Injection via International Transfer Parameters

Title source: llm
STIX 2.1

Description

NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer parameters that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through unsanitized input to potentially disclose sensitive information from the mobile banking application.

Scores

CVSS v3 7.5
EPSS 0.0029
EPSS Percentile 21.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (1)
nlb/mklik_makedonija 3.3.12
Published Dec 30, 2025
Tracked Since Feb 18, 2026