SourceCodester Pizzafy Ecommerce System 注入漏洞

SourceCodester Pizzafy Ecommerce System is an open-source e-commerce system developed by SourceCodester. Version 1.0 of the SourceCodester Pizzafy Ecommerce System has a vulnerability related to SQL injection, which arises from improper handling of the parameter ID in the file admin/vieworder.php...

PT-2026-35955

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save supplier of the file /ajax.php?action=save supplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

CRM Sistemas MegaCMS SQL注入漏洞

CRM Sistemas MegaCMS is a content management system provided by CRM Sistemas, which offers features for creating and managing website content. Version 12.0.0 of CRM Sistemas MegaCMS has a SQL injection vulnerability. This vulnerability stems from insufficient validation and cleaning of user input...

CVE-2026-7290

A vulnerability was determined in JeecgBoot up to 3.9.1. Impacted is the function SqlInjectionUtil of the file jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java of the component loadDict Endpoint. This manipulation of the argument keyword causes sql...

CVE-2024-46636

NASA Earth Observing System Data and Information System EOSDIS MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter...

CVE-2021-36438

SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobportal/index.php...

CVE-2026-7293 SourceCodester Pizzafy Ecommerce System ajax.php delete_category sql injection

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function deletecategory of the file /admin/ajax.php?action=deletecategory. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and...

CVE-2026-7293

SourceCodester Pizzafy Ecommerce System 1.0 is affected by a SQL injection in the delete_category function (/admin/ajax.php?action=delete_category) via the ID parameter. Exploitation is possible remotely and the exploit is publicly available; CVSS metrics indicate a Medium-severity, network-based...

EUVD-2026-26137

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function deletecategory of the file /admin/ajax.php?action=deletecategory. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now public and...

Exploit for CVE-2026-42208

LiteLLM Proxy SQL Injection GHSA-r75f-5x8p-qvmc A reproduct...

CVE-2026-7290

JeecgBoot (up to version 3.9.1) contains a SQL injection flaw in the loadDict endpoint, specifically in SqlInjectionUtil.java. The vulnerability arises from how the keyword argument is processed within the SqlInjectionUtil component, enabling remote exploitation. Public disclosure of the exploit ...

CVE-2026-7290 JeecgBoot loadDict Endpoint SqlInjectionUtil.java SqlInjectionUtil sql injection

A vulnerability was determined in JeecgBoot up to 3.9.1. Impacted is the function SqlInjectionUtil of the file jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/SqlInjectionUtil.java of the component loadDict Endpoint. This manipulation of the argument keyword causes sql...

CVE-2026-7282

A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function deleteexpired of the file /ajax.php?action=deleteexpired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...

CVE-2026-7283

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function saveexpired of the file /ajax.php?action=saveexpired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit ha...

Exploit for CVE-2026-42167

ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...

CVE-2026-7283

SourceCodester Pharmacy Sales and Inventory System 1.0 exposes a SQL injection in /ajax.php?action=save_expired caused by manipulating the ID argument. The flaw is remote‑exploitable and is associated with CVE-2026-7283. Public exploit availability is noted in the reports. The connected documents...

CVE-2026-7283 SourceCodester Pharmacy Sales and Inventory System ajax.php save_expired sql injection

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function saveexpired of the file /ajax.php?action=saveexpired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit ha...

EUVD-2026-26066

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function saveexpired of the file /ajax.php?action=saveexpired. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit ha...

CVE-2026-7282

CVE-2026-7282 affects SourceCodester Pharmacy Sales and Inventory System v1.0. The vulnerability lies in /ajax.php?action=delete_expired, where manipulating the ID parameter enables SQL injection. It can be exploited remotely via a network attack and requires high privileges with no user interact...

CVE-2026-7282 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_expired sql injection

A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function deleteexpired of the file /ajax.php?action=deleteexpired. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is...