CVE-2023-7331
MEDIUMPKrystian Full-Stack-Bank <bf73a0179e3ff07c0d7dc35297cea0be0e5b1317...
Title source: llmDescription
A vulnerability was detected in PKrystian Full-Stack-Bank up to bf73a0179e3ff07c0d7dc35297cea0be0e5b1317. This vulnerability affects unknown code of the component User Handler. Performing manipulation results in sql injection. It is possible to initiate the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The patch is named 25c9965a872c704f3a9475488dc5d3196902199a. It is suggested to install a patch to address this issue.
References (4)
Core 4
Core References
Issue Tracking issue-tracking
https://github.com/PKrystian/Full-Stack-Bank/pull/21
Permissions Required, VDB Entry vdb-entry
https://vuldb.com/?id.338650
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.338650
Scores
CVSS v3
4.7
EPSS
0.0020
EPSS Percentile
10.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-74
CWE-89
Status
published
Products (1)
PKrystian/Full-Stack-Bank
bf73a0179e3ff07c0d7dc35297cea0be0e5b1317
Published
Dec 31, 2025
Tracked Since
Feb 18, 2026