CVE-2024-4310
- EPSS 0.08%
- Veröffentlicht 29.04.2024 13:15:32
- Zuletzt bearbeitet 23.04.2025 16:35:48
Cross-site Scripting (XSS) vulnerability in HubBank affecting version 1.0.2. This vulnerability allows an attacker to send a specially crafted JavaScript payload to registration and profile forms and trigger the payload when any authenticated user lo...
CVE-2024-4307
- EPSS 0.12%
- Veröffentlicht 29.04.2024 13:15:31
- Zuletzt bearbeitet 23.04.2025 16:37:03
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints (/accounts/activities.php?id=1, /accounts/view-deposit.php?id...
CVE-2024-4308
- EPSS 0.12%
- Veröffentlicht 29.04.2024 13:15:31
- Zuletzt bearbeitet 26.09.2025 16:11:46
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints (/admin/view_users.php?id=1,/admin/viewloan-trans.php?id=1,/a...
CVE-2024-4309
- EPSS 0.12%
- Veröffentlicht 29.04.2024 13:15:31
- Zuletzt bearbeitet 23.04.2025 16:36:39
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints (/user/transaction.php?id=1, /user/credit-debit_transaction.p...
CVE-2024-4306
- EPSS 0.17%
- Veröffentlicht 29.04.2024 12:15:07
- Zuletzt bearbeitet 23.04.2025 16:37:42
Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution.