SQL injection vulnerability in HubBank affecting version...
High severity
Unreviewed
Published
Apr 29, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Apr 29, 2024
Published to the GitHub Advisory Database
Apr 29, 2024
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints (/accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/view_cards. php?id=1, /accounts/wire-transfer.php?id=1 and /accounts/wiretransfer-pending.php?id=1, id parameter) and retrieve the information stored in the database.
References