Security Advisory

CVE-2024-57178

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-10 00:00:00

Last updated 2025-02-10 20:22:24

Assigner mitre

State PUBLISHED

Description

An SQL injection vulnerability exists in Stock-Forecaster <=01-04-2020. By sending a specially crafted stock-symbol parameter to the portofolio() endpoint, it is possible to trigger an SQL injection in the application. As a result, the attacker will be able the user data or manipulate the software behavior.

← Browse all CVEs View on cve.org ↗