CVE-2026-7393 | SourceCodester Pizzafy Ecommerce System 1.0 File Extension admin_class_novo.php save_menu img unrestricted upload

A vulnerability identified as critical has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save_menu of the file /admin/admin_class_novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. This vulnerability is reported as CVE-2026-7393. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Tekst info:

Gepubliceerd: 11:45 - 29 Apr 2026

vuldb.com

Full text URL: https://vuldb.com/vuln/360118
Textarea URL (deze pagina):
https://textarea.nl/nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOzwWx8vSNzQwMDS0AnlEJrA==_2026-04-29
Bron: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publicatie datum: 11:45 - 29 Apr 2026}
Data laatste keer ververst op:
13:45 - 29 Apr 2026