CVE-2026-49491 in Pixa Bankالمعلومات

الملخص

بحسب MITRE • 02/06/2026

Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by injecting SQL code into the 'rib' parameter. Attackers can send POST requests to the agence-ajax.php endpoint with UNION-based SQL payloads to retrieve user information including names, email addresses, and phone numbers from the database.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

31/05/2026

إفشاء

02/06/2026

الاعتدال

تمت الموافقة

إدخال

VDB-367850

CPE

جاهز

CWE

CWE-89 (مؤكد)

CVSS

8.2 (CNA)

EPSS

0.00065

KEV

لا

النشاطات

منخفض جدًا

القطاع

Finance

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-49491
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-49491
CVE Details	https://www.cvedetails.com/cve/CVE-2026-49491/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!