CVE-2026-7296 SourceCodester Pizzafy Ecommerce System ajax.php save_order cross site scripting

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

EUVD-2023-42858

Malicious code in bioql PyPI...

Kashipara Computer Base Test project in PHP 安全漏洞

Kashipara Computer Base Test project in PHP is a web application from Kashipara Inc. A security vulnerability exists in Kashipara Computer Base Test project in PHP v1.0, which stems from insufficient cleanup of the parameter smyFeedbacks in the file /users/adminpanel/admin/home.php, which could...

CVE-2024-8866

A vulnerability was found in AutoCMS 5.4. It has been classified as problematic. This affects an unknown part of the file /admin/robot.php. The manipulation of the argument sidebar leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CMS Made Simple <= 2.2.14 Multiple XSS Vulnerabilities

CMS Made Simple is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...