CVE-2024-57178

Published: Feb 10, 2025

Modified: Feb 10, 2025

PUBLISHED

Description

An SQL injection vulnerability exists in Stock-Forecaster <=01-04-2020. By sending a specially crafted 'stock-symbol' parameter to the portofolio() endpoint, it is possible to trigger an SQL injection in the application. As a result, the attacker will be able the user data or manipulate the software behavior.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/nihal223/Stock-Forecaster

https://github.com/waristea/cve-research/tree/main/CVE-2024-57178

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-57178

Description

Affected Products

References