52 matches found

ATTACKERKB
added 2026/05/28 12:0 a.m. | 4 views

CVE-2026-30760

An issue in SourceBans Material Admin before v.1.1.6 3ecd95e allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call...

AI score: 5.9 | EPSS: 0.00068
Exploits: 0 | References: 5

CVE
added 2026/05/28 12:0 a.m. | 8 views

CVE-2026-30760

CVE-2026-30760 affects SourceBans Material Admin prior to v1.1.6. A crafted XAJAX call allows an attacker to manipulate arbitrary user data in the web application. The root cause is related to insufficient validation/authorization in handling XAJAX requests, leading to data integrity impacts (arb...

CVSS: 7.3 | AI score: 5.9 | EPSS: 0.00068
Exploits: 0 | References: 4

CNNVD
added 2026/05/28 12:0 a.m. | 4 views

SourceBans Material Admin Security Vulnerability

SourceBans Material Admin is a game server management panel tool developed by SourceBans Material Admin developers. Versions prior to 1.1.6 of SourceBans Material Admin contained security vulnerabilities; these vulnerabilities allowed attackers to manipulate arbitrary user data in web application...

CVSS: 7.3 | AI score: 5.9 | EPSS: 0.00068
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2010-4915

Malware in sbrugna...

CVSS: 4.3 | AI score: 6.4 | EPSS: 0.00359
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2011-3778

Malware in sbrugna...

CVSS: 5 | AI score: 6.3 | EPSS: 0.00283
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2007-2731

Malware in sbrugna...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.00507
Exploits: 0 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2007-2732

Malware in sbrugna...

CVSS: 6.8 | AI score: 6.3 | EPSS: 0.00602
Exploits: 0 | References: 6

Tenable Nessus
added 2025/09/10 12:0 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2011-3821

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error...

CVSS: 5 | AI score: 5.6 | EPSS: 0.00283
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/23 7:32 a.m. | 4 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.00315
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 3:44 p.m. | 3 views

CVE-2020-9267

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajaxserver.php...

CVSS: 6.5 | AI score: 7 | EPSS: 0.00192
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 3:43 p.m. | 5 views

CVE-2020-9266

SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.0021
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 1:35 a.m. | 5 views

CVE-2010-4951

Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox vxxajaxshoutbox extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS: 4.3 | AI score: 6 | EPSS: 0.00359
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 12:44 a.m. | 4 views

CVE-2011-3821

xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajaxcore/pluginlayer/xajaxScriptPlugin.inc.php and certain other files...

CVSS: 5 | AI score: 6.5 | EPSS: 0.00283
Exploits: 0 | References: 1

NVD
added 2024/11/01 4:15 p.m. | 15 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

CVSS: 7.5 | EPSS: 0.00315
Exploits: 0 | References: 1

Cvelist
added 2024/11/01 12:0 a.m. | 14 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

EPSS: 0.00315
Exploits: 0 | References: 1

CVE
added 2024/11/01 12:0 a.m. | 48 views

CVE-2024-40490

SourceBans++ before v1.8.0 contains a vulnerability allowing a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function. Affected component: Forgot Password handler in SourceBans++ (v1.7.x and earlier). Root cause: improper handling of XAJAX request...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.00315
Exploits: 0 | References: 1

Vulnrichment
added 2024/11/01 12:0 a.m. | 14 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

AI score: 7.2 | EPSS: 0.00315
Exploits: 0 | References: 1

OSV
added 2024/10/07 3:15 p.m. | 0 views

CVE-2024-9571

Cross-Site Scripting (XSS) vulnerability in SOPlanning 1.45, due to lack of proper validation of user input via /soplanning/www/process/xajaxserver.php, affecting multiple parameters. This could allow a remote user to send a specially crafted query to an authenticated user and partially take contro...

CVSS: 5.4 | AI score: 5.8
Exploits: 0 | References: 1

CNVD
added 2020/02/19 12:0 a.m. | 1 views

SOPlanning Cross-Site Request Forgery Vulnerability (CNVD-2020-10484)

SOPlanning is an online planning tool for efficiently organizing projects and tasks. SOPlanning 1.45 suffers from a cross-site request forgery vulnerability. An attacker can exploit this vulnerability to arbitrarily change the administrator password via process/xajaxserver.php...

CVSS: 6.5 | AI score: 7 | EPSS: 0.0021
Exploits: 1 | References: 1

CNVD
added 2020/02/19 12:0 a.m. | 1 views

SOPlanning Cross-Site Request Forgery Vulnerability

SOPlanning is an online planning tool for efficiently organizing projects and tasks. SOPlanning 1.45 suffers from a cross-site request forgery vulnerability. An attacker can exploit this vulnerability to create arbitrary users via process/xajaxserver.php...

CVSS: 6.5 | AI score: 7 | EPSS: 0.00192
Exploits: 1 | References: 1