SQL Injection Vulnerability in HubBank by Unknown Vendor
CVE-2024-4309
8.1HIGH
Key Information:
Badges
๐พ Exploit Exists๐ก Public PoC
What is CVE-2024-4309?
An SQL injection vulnerability has been identified in HubBank version 1.0.2, allowing attackers to execute malicious SQL queries via various endpoints. This flaw enables unauthorized access to sensitive data in the database by manipulating the 'id' parameter in requests. Attackers can potentially extract confidential information, posing significant risks to data integrity and privacy.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
