Lucene search
+L

4846 matches found

NVD
NVD
added 2026/04/29 10:16 p.m.10 views

CVE-2026-7410

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

6.5CVSS0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/04/29 9:15 p.m.25 views

CVE-2026-7410

CVE-2026-7410 affects SourceCodester Pizzafy Ecommerce System 1.0. The vulnerability is in /admin/ajax.php?action=add_to_cart, where manipulating the pid parameter causes an SQL injection. The exploit is publicly disclosed and the CVSS metrics indicate medium severity (base scores ~5.3–6.5) with ...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/29 9:15 p.m.6 views

CVE-2026-7410 SourceCodester Pizzafy Ecommerce System ajax.php add_to_cart sql injection

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/29 9:15 p.m.9 views

EUVD-2026-26292

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.8 views

CVE-2026-7264

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 2:49 p.m.7 views

CVE-2026-7224

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.14 views

PT-2026-36016

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy Ecommerce System version 1.0 Description Remote SQL injection is possible via the manipulation of the pid argument in the '/admin/ajax.php?action=add to cart' endpoint. SQL injection is a type of flaw that allows an...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References7
NVD
NVD
added 2026/04/28 10:16 a.m.6 views

CVE-2026-7264

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

6.5CVSS0.0025EPSS
Exploits0References5
CVE
CVE
added 2026/04/28 9:30 a.m.8 views

CVE-2026-7264

SourceCodester Pizzafy Ecommerce System 1.0 contains a SQL injection flaw in the get_cart_items function (/admin/ajax.php?action=get_cart_items). The vulnerability is triggered by manipulating the ID argument, allowing remote exploitation. Public exploit material is available. No remediation deta...

6.5CVSS6.5AI score0.0025EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 9:30 a.m.7 views

EUVD-2026-26027

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

6.5CVSS6.5AI score0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/28 9:30 a.m.34 views

CVE-2026-7264 SourceCodester Pizzafy Ecommerce System ajax.php get_cart_items sql injection

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

6.5CVSS0.0025EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 6:16 a.m.7 views

CVE-2026-7228

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function getcartcount of the file /admin/ajax.php?action=getcartcount. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 5:15 a.m.5 views

CVE-2026-7228

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function getcartcount of the file /admin/ajax.php?action=getcartcount. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS5.3AI score0.00254EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/28 5:15 a.m.13 views

CVE-2026-7228

CVE-2026-7228 affects SourceCodester Pizzafy Ecommerce System 1.0. The vulnerable component is the function get_cart_count in /admin/ajax.php?action=get_cart_count, where an manipulated ID parameter enables a SQL injection. The issue is exploitable remotely, with a PoC/exploit published and avail...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 5:15 a.m.8 views

EUVD-2026-25992

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function getcartcount of the file /admin/ajax.php?action=getcartcount. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS5.3AI score0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/28 5:15 a.m.41 views

CVE-2026-7228 SourceCodester Pizzafy Ecommerce System ajax.php get_cart_count sql injection

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function getcartcount of the file /admin/ajax.php?action=getcartcount. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

7.5CVSS0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 4:15 a.m.8 views

EUVD-2026-25988

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.4AI score0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 4:15 a.m.10 views

CVE-2026-7224

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.4AI score0.00254EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/28 4:15 a.m.16 views

CVE-2026-7224

SourceCodester Pizzafy Ecommerce System 1.0 is affected by a SQL injection in the admin/ajax.php?action=delete_cart handler, triggered by manipulating the ID parameter in delete_cart. The vulnerability arises from unsafely constructed SQL in delete_cart, allowing remote attackers to exploit it wi...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 4:15 a.m.2 views

CVE-2026-7224 SourceCodester Pizzafy Ecommerce System ajax.php delete_cart sql injection

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
Rows per page
Query Builder