CVE-2026-7224

A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function deletecart of the file /admin/ajax.php?action=deletecart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2026-7127

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=deletereceiving. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter operations in the function saveuser within the file...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a vulnerability related to SQL injection, which arises from improper handling of the parameter ID in the file admin/vieworder.php...

PT-2026-36016

Name of the Vulnerable Software and Affected Versions SourceCodester Pizzafy Ecommerce System version 1.0 Description Remote SQL injection is possible via the manipulation of the pid argument in the '/admin/ajax.php?action=add to cart' endpoint. SQL injection is a type of flaw that allows an...

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System has a SQL injection vulnerability. This vulnerability arises from improper...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter operations in the function saveSettings within the file...

SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a SQL injection vulnerability, which arises from the parameter pid being manipulated in the file admin/ajax.php?action=addtocart...

PT-2026-35959

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save menu of the file /admin/admin class novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

PT-2026-35955

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save supplier of the file /ajax.php?action=save supplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

PT-2026-35958

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete supplier of the file /ajax.php?action=delete supplier. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been...

PT-2026-35954

A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the argument Name results in cross site scripting. The attack may be launched remotely. The exploit is no...

SourceCodester Pizzafy Ecommerce System 访问控制错误漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System contains a security vulnerability related to access control. This vulnerability arises from improper handling of the img parameter in...

PT-2026-36014

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save menu of the file /admin/ajax.php?action=save menu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may b...

CVE-2026-7297

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

CVE-2026-7295

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has be...

CVE-2026-7293

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function deletecategory of the file /admin/ajax.php?action=deletecategory. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and...

CVE-2026-7297

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The...

CVE-2026-7297

SourceCodester Pizzafy Ecommerce System 1.0 contains a cross-site scripting flaw in the save_user function at /admin/ajax.php?action=save_user. Manipulating the Name argument can trigger XSS; the attack can be executed remotely and exploit information is publicly disclosed. The connected document...

CVE-2021-36438

SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobportal/index.php...