CVE-2026-7297

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

CVE-2026-7295

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has be...

SourceCodester Pizzafy Ecommerce System 跨站脚本漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a cross-site scripting vulnerability. This vulnerability arises from the parameter Name in the saveuser function in the file...

CVE-2025-8336

A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=saveuser. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploi...

Campcodes Online Recruitment Management System 注入漏洞

CampCodes Online Recruitment Management System is a recruitment management system from CampCodes Philippines. An injection vulnerability exists in Campcodes Online Recruitment Management System version 1.0, which is caused by an incorrect manipulation of the parameter ID in the file /admin/ajax.p...

CVE-2025-8274

A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=saverecruitmentstatus. The manipulation of the argument ID leads to sql injection. The attack can b...

CVE-2023-51048

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the Anewsauth parameter at /admin/ajax.php...

CVE-2023-24646

An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file...

S-CMS Security Vulnerabilities

S-CMS is a PHP and MySQL based Content Management System CMS from S-CMS China. A security vulnerability exists in S-CMS v5.0, which originates from the discovery of an SQL injection vulnerability via the Atextauth parameter in /admin/ajax.php...

CVE-2018-21013

The Swape theme before 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php...