CVE-2026-7296 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_order first_name cross site scripting

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_order of the file /admin/ajax.php?action=save_order. Performing a manipulation of the argument first_name results in cross site scripting.

This vulnerability is known as CVE-2026-7296. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-7296 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_order first_name cross site scripting

Post correlati

CVE-2023-36644 | ITB-GmbH TradePro 9.5 printmail Plugin access control

CVE-2023-48638 | Adobe Substance 3D Designer up to 13.0.0 out-of-bounds (apsb23-76)

CVE-2024-45512 | Zimbra Collaboration Suite up to 10.1 Briefcase Module cross site scripting

CVE-2024-3020 | shapedplugin Carousel, Slider, Gallery by WP Carousel Plugin up to 2.6.3 on WordPress shortcode deserialization