CVE-2024-57178

An SQL injection vulnerability exists in Stock-Forecaster <=01-04-2020. By sending a specially crafted 'stock-symbol' parameter to the portofolio() endpoint, it is possible to trigger an SQL injection in the application. As a result, the attacker will be able the user data or manipulate the software behavior.
Configurations

No configuration.

History

10 Feb 2025, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-10 20:15

Updated : 2025-02-10 20:15


NVD link : CVE-2024-57178

Mitre link : CVE-2024-57178

CVE.ORG link : CVE-2024-57178


JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')