CVE-2026-49491 in Pixa Bankinfo

Zusammenfassung

von MITRE • 02.06.2026

Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by injecting SQL code into the 'rib' parameter. Attackers can send POST requests to the agence-ajax.php endpoint with UNION-based SQL payloads to retrieve user information including names, email addresses, and phone numbers from the database.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

31.05.2026

Veröffentlichung

02.06.2026

Moderieren

akzeptiert

Eintrag

VDB-367850

CPE

bereit

CWE

CWE-89 (bestätigt)

CVSS

8.2 (CNA)

EPSS

0.00065

KEV

nein

Aktivitäten

very low

Sektor

Finance

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-49491
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-49491
CVE Details	https://www.cvedetails.com/cve/CVE-2026-49491/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!