CVE-2026-7409 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_user sql injection

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. It has been declared as critical. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation can lead to sql injection.

This vulnerability is tracked as CVE-2026-7409. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2026-7409 | SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_user sql injection

Post correlati

CVE-2025-4952 | ESET NOD32 Antivirus prior 1496 Registry Entry permission assignment

CVE-2026-31965 | samtools htslib up to 1.21.0/1.22.1/1.23 cram_decode_slice out-of-bounds

CVE-2024-0621 | Simple Share Buttons Adder Plugin up to 8.4.11 on WordPress CSS Setting cross site scripting

CVE-2024-8578 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /cgi-bin/cstecgi.cgi setWiFiMeshName device_name buffer overflow