4 matches found
Pizzafy Ecommerce System 1.0 SQL Injection
The admin/vieworder.php endpoint in Pizzafy Ecommerce System version 1.0 fails to properly sanitize the id GET parameter before passing it to a MySQL query. An authenticated administrator can manipulate this parameter to inject arbitrary SQL, leading to full database compromise. SQL Injection in...
SourceCodester Pizzafy Ecommerce System Injection Vulnerability
SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a vulnerability related to SQL injection, which arises from improper handling of the parameter ID in the file admin/vieworder.php...
CVE-2024-2418
A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /vieworder.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...
PT-2024-20307
Name of the Vulnerable Software and Affected Versions: SourceCodester Best POS Management System version 1.0. Description: A critical issue has been identified, affecting an unknown functionality of the file /vieworder.php. The manipulation of the id argument leads to SQL injection. This issue can ...