CVE-2026-14622
Last modified
CVE-2026-14622 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajax_files of the component AJAX Endpoint. EPSS estimates a 0.52% chance of exploitation in the next 30 days.
Description
A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajax_files of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| jairiidriss | restaurant-website-php-mysql | 521428b5b612449df0cf4a5d15ee40cba67f3d35 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14622?
How severe is CVE-2026-14622?
How do I fix CVE-2026-14622?
Related CVEs from 2026
- CVE-2026-14617A security vulnerability has been detected in NousResearch h…3.1
- CVE-2026-14618A vulnerability was detected in Open5GS up to 2.7.7. Affecte…4.3
- CVE-2026-14619A flaw has been found in itsourcecode Hospital Management Sy…6.3
- CVE-2026-1462A vulnerability in the `TFSMLayer` class of the `keras` pack…8.8
- CVE-2026-14620webpack-dev-server versions 5.2.5 and earlier expose two int…4.7
- CVE-2026-14621A vulnerability has been found in FederatedAI FATE up to 2.2…3.1
- CVE-2026-14623A vulnerability was determined in omec-project amf up to 2.1…4.3
- CVE-2026-14624A vulnerability was identified in omec-project amf up to 2.0…4.3
- CVE-2026-14625A security flaw has been discovered in NousResearch hermes-a…6.3
- CVE-2026-14626A weakness has been identified in NousResearch hermes-agent …4.3
- CVE-2026-14627A security vulnerability has been detected in NousResearch h…5.6
- CVE-2026-14628A vulnerability was detected in NousResearch hermes-agent up…5.5
Are you affected by CVE-2026-14622?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
