Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-38289 PoC — RHUB TurboMeeting 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-38289.yaml
Associated Vulnerability
Title:RHUB TurboMeeting 安全漏洞 (CVE-2024-38289)
Description:RHUB TurboMeeting是RHUB公司的一种协作解决方案。提供网络会议、远程支持、音频会议、视频会议、远程访问和网络研讨会支持。 RHUB TurboMeeting 8.X之前版本存在安全漏洞。远程攻击者利用该漏洞通过特制的SQL输入对应用程序进行身份验证。
Description
A Boolean-based SQL injection vulnerability in the "RHUB TurboMeeting" web application. This vulnerability could allow an attacker to execute arbitrary SQL commands on the database server, potentially allowing them to access sensitive data or compromise the server.
File Snapshot

 id: CVE-2024-38289

info:
  name: TurboMeeting - Boolean-based SQL Injection
  author: rootxharsh,ia

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.