CVE-2026-10558

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may...

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

CVE-2026-10704 SourceCodester Pizzafy E-Commerce System Administrative Control Panel admin_class_novo.php login sql injection

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

SourceCodester Pizzafy Ecommerce System 跨站脚本漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a cross-site scripting vulnerability. This vulnerability arises from the parameter 'page' in the file 'admin/index.php', whi...

PT-2026-38602

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy Ecommerce System version 1.0 Description An issue in the processing of the '/admin/index.php' endpoint allows for remote cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites...

EUVD-2026-26292

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

CVE-2026-7393

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter operations in the function saveSettings within the file...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter operations in the function savemenu within the file...

CVE-2026-7296

SourceCodester Pizzafy Ecommerce System 1.0 contains an XSS vulnerability in the admin/ajax.php?action=save_order function, triggered by manipulation of the first_name argument. Remote exploitation is possible and exploits have been published. No remediation or patch details are provided in the s...

CVE-2026-7294 SourceCodester Pizzafy Ecommerce System index.php save_settings cross site scripting

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /admin/index.php?page=savesettings. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit h...

CVE-2026-7293

SourceCodester Pizzafy Ecommerce System 1.0 is affected by a SQL injection in the delete_category function (/admin/ajax.php?action=delete_category) via the ID parameter. Exploitation is possible remotely and the exploit is publicly available; CVSS metrics indicate a Medium-severity, network-based...

CVE-2026-7266

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...

CVE-2026-7228

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function getcartcount of the file /admin/ajax.php?action=getcartcount. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has be...

CVE-2026-7226

SourceCodester Pizzafy Ecommerce System 1.0 contains a SQL injection in the /admin/ajax.php?action=login2 function (parameter e-mail). Remote exploitation is possible and the exploit has been publicly disclosed. This CVE entry documents a critical vulnerability scenario affecting login handling; ...

EUVD-2026-25988

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

PT-2026-35814

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save settings of the file /admin/index.php?page=save settings. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit...

PT-2026-35705

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get cart items of the file /admin/ajax.php?action=get cart items. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has bee...

PT-2026-35815

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save menu of the file /admin/ajax.php?action=save menu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has...

SourceCodester Pizzafy Ecommerce System 跨站脚本漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a cross-site scripting vulnerability. This vulnerability arises from the parameter Name in the savesettings function located...