Lucene search
K

6 matches found

CVE
CVE
added 2026/05/28 12:0 a.m.23 views

CVE-2026-30760

CVE-2026-30760 affects SourceBans Material Admin prior to v1.1.6. A crafted XAJAX call allows an attacker to manipulate arbitrary user data in the web application. The root cause is related to insufficient validation/authorization in handling XAJAX requests, leading to data integrity impacts (arb...

7.3CVSS5.9AI score0.00308EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:32 a.m.6 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

7.5CVSS6.4AI score0.00463EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 4:15 p.m.29 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

7.5CVSS0.00463EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 12:0 a.m.19 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

0.00463EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 12:0 a.m.54 views

CVE-2024-40490

SourceBans++ before v1.8.0 contains a vulnerability allowing a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function. Affected component: Forgot Password handler in SourceBans++ (v1.7.x and earlier). Root cause: improper handling of XAJAX request...

7.5CVSS6.4AI score0.00463EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/01 12:0 a.m.16 views

CVE-2024-40490

An issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot Password function...

7.2AI score0.00463EPSS
Exploits0References1
Rows per page
Query Builder