CVE-2026-7266

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...

CVE-2026-7296 SourceCodester Pizzafy Ecommerce System ajax.php save_order cross site scripting

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

EUVD-2026-26146

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

CVE-2015-5528

The CVE-2015-5528 entry concerns the WordPress Floating Social Bar plugin (pre-1.1.6). The XSS vulnerability arises in the save_order function within class-floating-social-bar.php, where the items[] parameter in the fsb_save_order action to wp-admin/admin-ajax.php is not properly filtered, allowi...

Wordpress Floating Social Bar 1.1.5 XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Floating Social Bar 1.1.5 XSS Date: 09-01-2015 Software Link: https://wordpress.org/plugins/floating-social-bar/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category...