CVE-2026-7297
SourceCodester Pizzafy Ecommerce System 1.0 contains a cross-site scripting flaw in the save_user function at /admin/ajax.php?action=save_user. Manipulating the Name argument can trigger XSS; the attack can be executed remotely and exploit information is publicly disclosed. The connected document...