Lucene search
+L

42 matches found

Cvelist
Cvelist
added 2024/04/29 12:25 p.m.23 views

CVE-2024-4307 SQL injection vulnerability in HubBank

SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/viewcards. php?id=1,...

8.1CVSS8.3AI score0.0045EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/29 12:25 p.m.15 views

CVE-2024-4307 SQL injection vulnerability in HubBank

SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/viewcards. php?id=1,...

8.1CVSS7.3AI score0.0045EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 12:25 p.m.58 views

CVE-2024-4307

HubBank’s CVE-2024-4307 affects HubBank v1.0.2. The issue is an SQL injection in the id parameter across endpoints /accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/view_cards.php?id=1, /accounts/wire-transfer.php?id=1 and /accounts/wiretransfer-pending.php?id=1, enabling ...

8.1CVSS7.2AI score0.0045EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/29 12:23 p.m.13 views

CVE-2024-4308 SQL injection vulnerability in HubBank

SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints...

8.1CVSS7.3AI score0.0045EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 12:23 p.m.55 views

CVE-2024-4308

CVE-2024-4308 describes a SQL injection vulnerability in HubBank v1.0.2. The affected component is the HubBank application, with the root cause identified as improper handling of the id parameter in multiple admin endpoints (e.g., /admin/view_users.php?id=1, /admin/viewloan-trans.php?id=1, /admin...

8.1CVSS7.2AI score0.0045EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/29 12:23 p.m.22 views

CVE-2024-4308 SQL injection vulnerability in HubBank

SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints...

8.1CVSS8.3AI score0.0045EPSS
Exploits0References1
OSV
OSV
added 2024/04/29 12:15 p.m.6 views

CVE-2024-4306

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution...

8.8CVSS5.8AI score0.00694EPSS
Exploits0References1
NVD
NVD
added 2024/04/29 12:15 p.m.19 views

CVE-2024-4306

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution...

9.9CVSS9.6AI score0.00694EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/29 11:56 a.m.15 views

CVE-2024-4306 Unrestricted Upload of File with Dangerous Type vulnerability in HubBank

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution...

9.9CVSS7AI score0.00694EPSS
Exploits0References1
CVE
CVE
added 2024/04/29 11:56 a.m.68 views

CVE-2024-4306

CVE-2024-4306 affects HubBank version 1.0.2 and is a critical unrestricted file upload vulnerability. A registered user can upload malicious PHP files through upload document fields, enabling webshell execution on the server. The connected PT-2024-30276 advisory corroborates a high-severity, clie...

9.9CVSS7AI score0.00694EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/04/29 11:56 a.m.23 views

CVE-2024-4306 Unrestricted Upload of File with Dangerous Type vulnerability in HubBank

Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution...

9.9CVSS9.7AI score0.00694EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.5 views

HubBank 跨站脚本漏洞

HubBank is an app from HubBank, Inc. A cross-site scripting vulnerability exists in HubBank version 1.0.2, which stems from the lack of effective filtering and escaping of user-supplied data on registration and profile forms, and can be exploited by an attacker to execute arbitrary web script or...

6.3CVSS5.9AI score0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.8 views

PT-2024-30296 · Hubbank · Hubbank

Name of the Vulnerable Software and Affected Versions: HubBank version 1.0.2 Description: The issue is a Cross-site Scripting XSS vulnerability that allows an attacker to send a specially crafted JavaScript payload to registration and profile forms. This payload can be triggered when any...

6.3CVSS5.9AI score0.00293EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.6 views

HubBank SQL注入漏洞

HubBank is an application from HubBank, Inc. A SQL injection vulnerability exists in HubBank version 1.0.2, which stems from a SQL injection vulnerability in the /user/transaction.php endpoint...

8.1CVSS8AI score0.0045EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.6 views

HubBank 代码问题漏洞

HubBank is an application from HubBank, Inc. A code issue vulnerability exists in HubBank version 1.0.2 that originates from allowing registered users to upload a malicious PHP file via the upload document field, which can lead to webshell execution...

9.9CVSS7.3AI score0.00694EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/04/29 12:0 a.m.585 views

CVE-2024-4309

SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints /user/transaction.php?id=1, /user/credit-debittransaction.php?id=1,/user/viewtransaction. php?id=1 and...

8.1CVSS7.4AI score0.0045EPSS
In wildExploits0References2
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.8 views

PT-2024-30279 · Hubbank · Hubbank

Name of the Vulnerable Software and Affected Versions: HubBank version 1.0.2 Description: The issue is related to a SQL injection vulnerability that could allow an attacker to send a specially crafted SQL query to the database through different endpoints, such as "/admin/view users.php?id=1",...

8.1CVSS6.8AI score0.0045EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.7 views

PT-2024-30276 · Hubbank · Hubbank

Name of the Vulnerable Software and Affected Versions: HubBank version 1.0.2 Description: The issue allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution. This is a critical unrestricted file upload vulnerability. Recommendations: For...

9.9CVSS6.5AI score0.00694EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.8 views

HubBank SQL注入漏洞

HubBank is an application from HubBank, Inc. HubBank version 1.0.2 suffers from a SQL injection vulnerability that originates from allowing an attacker to send specially crafted SQL queries to the database from different endpoints and retrieve information stored in the database...

8.1CVSS7.5AI score0.0045EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.8 views

HubBank SQL注入漏洞

HubBank is an application from HubBank, Inc. A security vulnerability exists in HubBank version 1.0.2, which stems from a SQL injection vulnerability in the /admin/viewusers.php endpoint...

8.1CVSS8AI score0.0045EPSS
Exploits0References3
Rows per page
Query Builder