Lucene search
+L

153 matches found

Cvelist
Cvelist
added 2026/04/29 8:30 p.m.35 views

CVE-2026-7407 SourceCodester Pizzafy Ecommerce System Setting ajax.php save_settings sql injection

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /pizzafy/admin/ajax.php?action=savesettings of the component Setting Handler. Such manipulation leads to sql injection. It is possible...

5.8CVSS0.00253EPSS
Exploits0References5
NVD
NVD
added 2026/04/29 5:16 p.m.8 views

CVE-2026-7393

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS0.00268EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/29 5:15 p.m.6 views

EUVD-2026-26266

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/vieworder.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may ...

5.8CVSS5AI score0.00244EPSS
Exploits1References5
CVE
CVE
added 2026/04/29 5:15 p.m.14 views

CVE-2026-7394

SourceCodester Pizzafy Ecommerce System 1.0 is affected by SQL Injection in the admin/view_order.php file via the id GET parameter. The vulnerability arises from insufficient sanitization before using the parameter in a MySQL query. An authenticated administrator can manipulate this parameter to ...

5.8CVSS5AI score0.00244EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/29 5:15 p.m.3 views

CVE-2026-7394

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/vieworder.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may ...

5.8CVSS5AI score0.00244EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/04/29 5:15 p.m.37 views

CVE-2026-7394 SourceCodester Pizzafy Ecommerce System GET Parameter view_order.php sql injection

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/vieworder.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may ...

5.8CVSS0.00244EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/29 5:0 p.m.3 views

CVE-2026-7393 SourceCodester Pizzafy Ecommerce System File Extension admin_class_novo.php save_menu unrestricted upload

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/29 5:0 p.m.7 views

EUVD-2026-26265

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-35963

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view order.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may...

5.8CVSS5AI score0.00244EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.6 views

PT-2026-36015

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy Ecommerce System version 1.0 Description A flaw in the admin panel allows for remote SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution. This issue occurs within the sa...

5.8CVSS5.1AI score0.00202EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.13 views

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter pid being manipulated in the file admin/ajax.php?action=addtocart...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.10 views

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a vulnerability related to SQL injection, which arises from improper handling of the parameter ID in the file admin/vieworder.php...

5.8CVSS5.8AI score0.00244EPSS
Exploits1References1
NVD
NVD
added 2026/04/28 10:16 p.m.5 views

CVE-2026-7296

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

4.8CVSS0.00202EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 7:37 p.m.6 views

CVE-2026-7294

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /admin/index.php?page=savesettings. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit h...

4.8CVSS0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 7:37 p.m.9 views

CVE-2026-7295

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has be...

4.8CVSS0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 6:45 p.m.6 views

EUVD-2026-26147

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

4.8CVSS3.1AI score0.00202EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/28 6:45 p.m.41 views

CVE-2026-7297 SourceCodester Pizzafy Ecommerce System ajax.php save_user cross site scripting

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

4.8CVSS0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/28 6:30 p.m.6 views

EUVD-2026-26146

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

4.8CVSS3.5AI score0.00202EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 6:30 p.m.5 views

CVE-2026-7296 SourceCodester Pizzafy Ecommerce System ajax.php save_order cross site scripting

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

4.8CVSS3.4AI score0.00202EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:30 p.m.5 views

CVE-2026-7296

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveorder of the file /admin/ajax.php?action=saveorder. Performing a manipulation of the argument firstname results in cross site scripting. Remote exploitation of the attack is possible. The explo...

4.8CVSS3.4AI score0.00202EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder