CVE-2026-7295 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_menu Name cross site scripting

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability classified as problematic was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Such manipulation of the argument Name leads to cross site scripting.

This vulnerability is traded as CVE-2026-7295. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2026-7295 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_menu Name cross site scripting

Post correlati

CVE-2024-10578 | Arbitrary Plugin up to 1.0.7 on WordPress Installation

CVE-2024-13473 | enituretechnology LTL Freight Quotes Plugin up to 5.0.20 on WordPress dropship_edit_id/edit_id sql injection

CVE-2025-14538 | yangshare warehouseManager 仓库管理系统 1.1.0 CustomerManageHandler.java addCustomer Name cross site scripting (ID9NAU)

CVE-2023-50578 | Mingsoft MCMS 5.2.9 /content/list.do categoryType sql injection