vendor:
taskhub
by:
CraCkEr
7.1
CVSS
HIGH
SQL Injection
89, 74, 707
CWE
Product Name: taskhub
Affected Version From: 2.8.2007
Affected Version To: 2.8.2007
Patch Exists: NO
Related CWE: CVE-2023-4987
CPE: a:infinitietech:taskhub:2.8.7
Platforms Tested: Windows
2023
taskhub 2.8.7 – SQL Injection
SQL injection attacks can lead to unauthorized access to sensitive data, data modification, application crashes, and service unavailability, resulting in financial losses and reputation damage.
Mitigation:
To prevent SQL injection, use parameterized queries, input validation, and escape special characters. Regular security audits and code reviews are also recommended.