CVE-2026-7293 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=delete_category ID sql injection

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability described as critical has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function delete_category of the file /admin/ajax.php?action=delete_category. The manipulation of the argument ID results in sql injection.

This vulnerability is reported as CVE-2026-7293. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-7293 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=delete_category ID sql injection

Post correlati

CVE-2023-6921 | Google Integrator Addon prior 2.1.4 on PrestaShow Cookie sql injection

CVE-2023-52582 | Linux Kernel up to 6.1.55/6.5/6.5.5 netfs folio_start_fscache memory corruption (df9950d37df1/d9f5537479d4/df1c357f25d8)

CVE-2025-9583 | Comfast CF-N1 2.6.0 /usr/bin/webmgnt ping_config command injection

CVE-2024-49085 | Microsoft Windows Server 2008 R2 SP1 up to Server 2022 23H2 Routing/Remote Access Service integer overflow