Vulnerabilities

CVE-2026-9493

by Fred · 29/05/2026

Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users’ EC order details.

More information : https://www.twcert.org.tw/en/cp-139-10940-d90bd-2.html

Similar

Tags: Cybersecurity Alert