42 matches found
EUVD-2024-43952
Malicious code in bioql PyPI...
EUVD-2024-43954
Malicious code in bioql PyPI...
EUVD-2024-43955
Malicious code in bioql PyPI...
EUVD-2024-43951
Malicious code in bioql PyPI...
EUVD-2024-43953
Malicious code in bioql PyPI...
HubBank Cross-Site Scripting Vulnerability
HubBank is an app from HubBank, Inc. A cross-site scripting vulnerability exists in HubBank version 1.0.2, which stems from the lack of effective filtering and escaping of user-supplied data on registration and profile forms, and can be exploited by an attacker to execute arbitrary web script or...
CVE-2024-4310
Cross-site Scripting XSS vulnerability in HubBank affecting version 1.0.2. This vulnerability allows an attacker to send a specially crafted JavaScript payload to registration and profile forms and trigger the payload when any authenticated user loads the page, resulting in a session takeover...
CVE-2024-4310
Cross-site Scripting XSS vulnerability in HubBank affecting version 1.0.2. This vulnerability allows an attacker to send a specially crafted JavaScript payload to registration and profile forms and trigger the payload when any authenticated user loads the page, resulting in a session takeover...
CVE-2024-4309
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /user/transaction.php?id=1, /user/credit-debittransaction.php?id=1,/user/viewtransaction. php?id=1 and...
CVE-2024-4308
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints...
CVE-2024-4309
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /user/transaction.php?id=1, /user/credit-debittransaction.php?id=1,/user/viewtransaction. php?id=1 and...
CVE-2024-4307
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/viewcards. php?id=1,...
CVE-2024-4307
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/viewcards. php?id=1,...
CVE-2024-4308
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints...
CVE-2024-4310 Cross-site Scripting (XSS) vulnerability in HubBank
Cross-site Scripting XSS vulnerability in HubBank affecting version 1.0.2. This vulnerability allows an attacker to send a specially crafted JavaScript payload to registration and profile forms and trigger the payload when any authenticated user loads the page, resulting in a session takeover...
CVE-2024-4310
HubBank 1.0.2 is affected by a Cross-site Scripting (XSS) vulnerability in registration and profile forms due to insufficient input filtering/escaping. An attacker can deliver a crafted JavaScript payload that executes when an authenticated user loads the page, enabling session takeover. Affected...
CVE-2024-4310 Cross-site Scripting (XSS) vulnerability in HubBank
Cross-site Scripting XSS vulnerability in HubBank affecting version 1.0.2. This vulnerability allows an attacker to send a specially crafted JavaScript payload to registration and profile forms and trigger the payload when any authenticated user loads the page, resulting in a session takeover...
CVE-2024-4309
HubBank CVE-2024-4309 is a SQL injection in HubBank v1.0.2 affecting parameterized id values on endpoints /user/transaction.php?id=1, /user/credit-debit_transaction.php?id=1, /user/view_transaction.php?id=1, and /user/viewloantrans.php?id=1. Root cause: improper handling of user input leading to ...
CVE-2024-4309 SQL injection vulnerability in HubBank
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /user/transaction.php?id=1, /user/credit-debittransaction.php?id=1,/user/viewtransaction. php?id=1 and...
CVE-2024-4309 SQL injection vulnerability in HubBank
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /user/transaction.php?id=1, /user/credit-debittransaction.php?id=1,/user/viewtransaction. php?id=1 and...