Title: online-banking web 1 SQL Injection Description: - The vulnerability in the online-banking system at https://github.com/RashminDungarani/online-banking?tab=readme-ov-file#screenshots is due to the login verification logic in the auth_login.php file not using parameterized queries. - User inputs for username and password are directly concatenated into the SQL statement, allowing attackers to manipulate SQL queries and achieve login bypass or data theft. Source: https://github.com/BrillBigbang/hole-gap/blob/main/online-banking-have-sql.docx User: Brill (UID 92630) Submission Date: 11/21/2025 07:51 AM Moderation Date: 12/06/2025 06:15 PM Status: Accepted VulDB Entry: 234012 (RashminDungarani online-banking up to 2337ad552ea9d385b4e07b90e6f32d011b7c68a2 auth_login.php Username sql injection) Points: 20