SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a vulnerability related to SQL injection, which arises from improper handling of the parameter ID in the file admin/vieworder.php...

📄 Pizzafy Ecommerce System 1.0 SQL Injection

The admin/vieworder.php endpoint in Pizzafy Ecommerce System version 1.0 fails to properly sanitize the id GET parameter before passing it to a MySQL query. An authenticated administrator can manipulate this parameter to inject arbitrary SQL, leading to full database compromise. SQL Injection in...

CVE-2024-2418

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /vieworder.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

PT-2024-20307

Name of the Vulnerable Software and Affected Versions SourceCodester Best POS Management System version 1.0 Description A critical issue has been identified, affecting an unknown functionality of the file /view order.php. The manipulation of the id argument leads to SQL injection. This issue can ...