150 matches found
CVE-2026-7294 SourceCodester Pizzafy Ecommerce System index.php save_settings cross site scripting
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /admin/index.php?page=savesettings. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit h...
EUVD-2026-26138
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function savesettings of the file /admin/index.php?page=savesettings. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit h...
CVE-2026-7294
SourceCodester Pizzafy Ecommerce System 1.0 is affected by a cross-site scripting flaw in the admin/index.php?page=save_settings function (save_settings) where manipulation of the Name argument enables XSS. The vulnerability is exploitable remotely, and public exploits have been published. No rem...
EUVD-2026-26137
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function deletecategory of the file /admin/ajax.php?action=deletecategory. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and...
CVE-2026-7293 SourceCodester Pizzafy Ecommerce System ajax.php delete_category sql injection
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function deletecategory of the file /admin/ajax.php?action=deletecategory. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and...
CVE-2026-7265
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...
CVE-2026-7268
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-7268
SourceCodester Pizzafy Ecommerce System 1.0 is affected. The vulnerability exists in the save_category function of /admin/ajax.php?action=save_category, where manipulating the Name parameter leads to SQL injection. The issue is exploitable remotely and the exploit has been disclosed publicly. The...
EUVD-2026-26034
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-7267
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-7266 SourceCodester Pizzafy Ecommerce System ajax.php save_order sql injection
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...
CVE-2026-7266
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...
CVE-2026-7266 SourceCodester Pizzafy Ecommerce System ajax.php save_order sql injection
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...
CVE-2026-7265
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...
CVE-2026-7265
CVE-2026-7265 affects SourceCodester Pizzafy Ecommerce System 1.0. The vulnerability is a SQL injection in the Category function of pizza/index.php?page=category, triggered by manipulating the ID parameter. Remote exploitation is possible and the exploit has been publicly disclosed. The available...
CVE-2026-7264
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...
EUVD-2026-26027
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...
CVE-2026-7264
SourceCodester Pizzafy Ecommerce System 1.0 contains a SQL injection flaw in the get_cart_items function (/admin/ajax.php?action=get_cart_items). The vulnerability is triggered by manipulating the ID argument, allowing remote exploitation. Public exploit material is available. No remediation deta...