Lucene search
+L

153 matches found

Cvelist
Cvelist
added 2026/06/02 1:0 a.m.47 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may...

6.5CVSS0.00227EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

SourceCodester Pizzafy Ecommerce System 安全漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability, which stems from the handling of the 'page' parameter in the file/index.php, potentially leading t...

6.5CVSS5.3AI score0.00227EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-45680

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS6.3AI score0.00227EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/13 2:22 p.m.8 views

CVE-2020-37168 Ecommerce Systempay 1.0 Production Key Brute Force

Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment signature generation. Attackers can extract payment form data and signatures from POST requests to the payment endpoint,...

9.8CVSS5.8AI score0.00246EPSS
Exploits0References4
CVE
CVE
added 2026/05/07 11:45 p.m.24 views

CVE-2026-8117

CVE-2026-8117 concerns SourceCodester Pizzafy Ecommerce System 1.0. The issue arises from vulnerable handling of the argument in /admin/index.php , allowing cross-site scripting (XSS) via manipulated input. The attack can be carried out remotely and the exploit has been publicly disclosed. The co...

5.3CVSS4.2AI score0.00269EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/07 11:45 p.m.15 views

CVE-2026-8117

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The exploit has been...

5.3CVSS4.2AI score0.00269EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.11 views

CVE-2026-7410

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2026/04/29 10:16 p.m.10 views

CVE-2026-7410

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

6.5CVSS0.00192EPSS
Exploits0References5
NVD
NVD
added 2026/04/29 9:16 p.m.4 views

CVE-2026-7407

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS0.00253EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/29 9:0 p.m.5 views

CVE-2026-7409

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

5.8CVSS5AI score0.00202EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/29 9:0 p.m.11 views

CVE-2026-7409

CVE-2026-7409 affects SourceCodester Pizzafy Ecommerce System 1.0, specifically the /admin/ajax.php?action=save_user function. The issue allows remote execution of SQL injection through manipulation of the save_user process. CVSS metrics in the document indicate network attack vector, low complex...

5.8CVSS5AI score0.00202EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/29 9:0 p.m.4 views

CVE-2026-7409 SourceCodester Pizzafy Ecommerce System ajax.php save_user sql injection

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

5.8CVSS5AI score0.00202EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.8 views

CVE-2026-7295

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has be...

4.8CVSS3.1AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.8 views

CVE-2026-7264

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/29 8:48 p.m.6 views

CVE-2026-7297

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

4.8CVSS3AI score0.00202EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/29 8:45 p.m.5 views

CVE-2026-7408

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

5.8CVSS5AI score0.00253EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/29 8:45 p.m.11 views

CVE-2026-7408

The CVE-2026-7408 affects SourceCodester Pizzafy Ecommerce System 1.0. The vulnerable component is the save_menu function in /admin/ajax.php?action=save_menu. Manipulation of input leads to SQL injection, exploitable remotely. Public exploit appears to exist. No remediation details are provided i...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/29 8:45 p.m.36 views

CVE-2026-7408 SourceCodester Pizzafy Ecommerce System ajax.php save_menu sql injection

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be...

5.8CVSS0.00253EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/29 8:30 p.m.2 views

CVE-2026-7407

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS5AI score0.00253EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/29 8:30 p.m.5 views

EUVD-2026-26289

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS5AI score0.00253EPSS
Exploits0References5
Rows per page
Query Builder