CVE-2026-7294 | SourceCodester Pizzafy Ecommerce System 1.0 index.php?page=save_settings Name cross site scripting

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability classified as problematic has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /admin/index.php?page=save_settings. This manipulation of the argument Name causes cross site scripting.

This vulnerability appears as CVE-2026-7294. The attack may be initiated remotely. In addition, an exploit is available.

CVE-2026-7294 | SourceCodester Pizzafy Ecommerce System 1.0 index.php?page=save_settings Name cross site scripting

Post correlati

CVE-2023-49082 | aio-libs aiohttp crlf injection

CVE-2025-27528 | Apache InLong up to 2.1.0 Invisible Character information disclosure

CVE-2026-39316 | OpenPrinting CUPS up to 2.4.16 on Linux scheduler/printers.c cupsdDeleteTemporaryPrinters use after free (GHSA-pjv5-prqp-46rg)

CVE-2022-50236 | Linux Kernel up to 6.0.16/6.1.2 IRQ kexec initialization