CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/04/28 5:45 a.m.•29 views

CVE-2026-7230 SourceCodester Safety Anger Pad cross site scripting

5.3CVSS0.00263EPSS

Exploits0References4

Vulnrichment•added 2026/04/28 5:45 a.m.•3 views

CVE-2026-7230 SourceCodester Safety Anger Pad cross site scripting

5.3CVSS3.6AI score0.00263EPSS

Exploits0References4

Cvelist•added 2026/04/28 5:30 a.m.•32 views

CVE-2026-7229 code-projects Coaching Management System POST reply.php sql injection

A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...

6.5CVSS0.00233EPSS

ATTACKERKB•added 2026/04/28 5:15 a.m.•4 views

CVE-2026-7228

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function getcartcount of the file /admin/ajax.php?action=getcartcount. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS5.3AI score0.00254EPSS

Vulnrichment•added 2026/04/28 5:15 a.m.•5 views

CVE-2026-7228 SourceCodester Pizzafy Ecommerce System ajax.php get_cart_count sql injection

7.5CVSS7.1AI score0.00254EPSS

EUVD•added 2026/04/28 5:15 a.m.•6 views

EUVD-2026-25992

7.5CVSS5.3AI score0.00254EPSS

Cvelist•added 2026/04/28 5:15 a.m.•36 views

CVE-2026-7228 SourceCodester Pizzafy Ecommerce System ajax.php get_cart_count sql injection

7.5CVSS0.00254EPSS

EUVD•added 2026/04/28 5:0 a.m.•4 views

EUVD-2026-25991

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...

7.5CVSS5.3AI score0.00254EPSS

CVE•added 2026/04/28 5:0 a.m.•15 views

CVE-2026-7227

SourceCodester Pizzafy Ecommerce System 1.0 contains an SQL injection in the Login function (admin/ajax.php?action=login) via manipulation of the e-mail parameter. Exploitation is possible remotely and the exploit is public, indicating practical risk. The CVE notes CVSS metrics (e.g., up to 7.3–7...

7.5CVSS7.3AI score0.00254EPSS

Vulnrichment•added 2026/04/28 4:45 a.m.•3 views

CVE-2026-7226 SourceCodester Pizzafy Ecommerce System ajax.php login2 sql injection

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The manipulation of the argument e-mail leads to sql injection. Remote exploitation of the attack is possible. The exploit h...

CVE•added 2026/04/28 4:45 a.m.•13 views

CVE-2026-7226

SourceCodester Pizzafy Ecommerce System 1.0 contains a SQL injection in the /admin/ajax.php?action=login2 function (parameter e-mail). Remote exploitation is possible and the exploit has been publicly disclosed. This CVE entry documents a critical vulnerability scenario affecting login handling; ...

ATTACKERKB•added 2026/04/28 4:30 a.m.•5 views

CVE-2026-7225

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function deletemenu of the file /admin/ajax.php?action=deletemenu. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit...

7.5CVSS5.5AI score0.00254EPSS

Vulnrichment•added 2026/04/28 4:30 a.m.•2 views

CVE-2026-7225 SourceCodester Pizzafy Ecommerce System ajax.php delete_menu sql injection

CVE•added 2026/04/28 4:30 a.m.•8 views

CVE-2026-7225

SourceCodester Pizzafy Ecommerce System 1.0 is affected. The vulnerability is in /admin/ajax.php?action=delete_menu; manipulating the ID parameter enables SQL injection. A remote attack is possible and public PoC exists. CVSS metrics show high impact on confidentiality/integrity/availability (LOW...

7.5CVSS7.3AI score0.00254EPSS

NVD•added 2026/04/28 4:16 a.m.•5 views

CVE-2026-7223

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request...

7.5CVSS0.00278EPSS

NVD•added 2026/04/28 4:16 a.m.•3 views

CVE-2026-7222

A vulnerability was determined in code-projects Coaching Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cims/modules/student/complaint.php of the component Complaint Form Page. This manipulation of the argument Complaint causes cross site scripting...

5.1CVSS0.00232EPSS

Exploits1References5

ATTACKERKB•added 2026/04/28 4:15 a.m.•6 views

CVE-2026-7224

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.4AI score0.00254EPSS

Vulnrichment•added 2026/04/28 4:15 a.m.•2 views

CVE-2026-7224 SourceCodester Pizzafy Ecommerce System ajax.php delete_cart sql injection