CVE-2026-7268

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...

EUVD-2026-14658

A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4613 SourceCodester E-Commerce Site products.php sql injection

A vulnerability was found in SourceCodester E-Commerce Site 1.0. This vulnerability affects unknown code of the file /products.php. The manipulation of the argument Search results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-11430

A vulnerability was found in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /cart.php. The manipulation of the argument remove results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2023-1569

A vulnerability classified as problematic was found in SourceCodester E-Commerce System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/user/controller.php?action=edit. The manipulation of the argument UNAME with the input leads to cross site scripting. The attac...

SourceCodester E-Commerce Website SQL注入漏洞

SourceCodester E-Commerce Website is a SourceCodester open source application. A PHP e-commerce website project for bookstores. A SQL injection vulnerability exists in SourceCodester E-Commerce Website version 1.0, which stems from the manipulation of the parameter fname in the file...

PT-2024-38876 · Sourcecodester · Sourcecodester E-Commerce Website

Name of the Vulnerable Software and Affected Versions: SourceCodester E-Commerce Website version 1.0 Description: A critical issue has been identified in the /Admin/registration.php file, where the manipulation of the fname argument leads to SQL injection. This issue can be initiated remotely. Th...

CVE-2024-8089

A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack...

SourceCodester E-Commerce System SQL注入漏洞

SourceCodester E-Commerce System is an e-commerce system from SourceCodester Inc. SourceCodester E-Commerce System version 1.0 suffers from a SQL injection vulnerability in the useremail parameter of /ecommerce/admin/login.php of the component Admin Login page...

PT-2024-38795 · Unknown · Sourcecodester E-Commerce System

Name of the Vulnerable Software and Affected Versions: SourceCodester E-Commerce System version 1.0 Description: A critical vulnerability has been found in the SourceCodester E-Commerce System, affecting unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The...

CVE-2024-2754

A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/usersphoto.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit h...

CVE-2023-1557

A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ecommerce/admin/user/controller.php?action=edit of the component Username Handler. The manipulation of the argument USERID leads to...

CVE-2023-1506

A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument UUSERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack...