6 matches found
CVE-2026-30760
CVE-2026-30760 affects SourceBans Material Admin prior to v1.1.6. A crafted XAJAX call allows an attacker to manipulate arbitrary user data in the web application. The root cause is related to insufficient validation/authorization in handling XAJAX requests, leading to data integrity impacts (arb...
CVE-2024-40490
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...
CVE-2024-40490
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...
CVE-2024-40490
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...
CVE-2024-40490
SourceBans++ before v1.8.0 contains a vulnerability allowing a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function. Affected component: Forgot Password handler in SourceBans++ (v1.7.x and earlier). Root cause: improper handling of XAJAX request...
CVE-2024-40490
An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...