CVE-2023-54163

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N                                    

Vulnerability Description

NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer parameters that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through unsanitized input to potentially disclose sensitive information from the mobile banking application.

Vulnerability Details

Published Date

December 30, 2025

Last Modified

January 16, 2026

CWE ID

CWE-89

Source

NVD

Vendor

nlb

Product

mklik_makedonija

External References

https://cxsecurity.com/issue/WLB-2023100040
https://packetstormsecurity.com/files/175113/NLB-mKlik-Makedonija-3.3.12-SQL-Injection.html
https://play.google.com/store/apps/details?id=hr.asseco.android.jimba.tutunskamk.production
https://www.vulncheck.com/advisories/nlb-mklik-macedonia-sql-injection-via-international-transfer-parameters
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5797.php
https://cxsecurity.com/issue/WLB-2023100040
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5797.php

CVE-2023-54163

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment