CVE-2026-9493
MEDIUM NVDCVSS Score
6.5
Severity
MEDIUM
Source
NVD
Published
May 29, 2026
Description
Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users' EC order details.