216308 matches found
CVE-2026-7268
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-7268
SourceCodester Pizzafy Ecommerce System 1.0 is affected. The vulnerability exists in the save_category function of /admin/ajax.php?action=save_category, where manipulating the Name parameter leads to SQL injection. The issue is exploitable remotely and the exploit has been disclosed publicly. The...
CVE-2026-7268 SourceCodester Pizzafy Ecommerce System ajax.php save_category sql injection
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function savecategory of the file /admin/ajax.php?action=savecategory. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote. The exploit has been...
EUVD-2026-26033
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-7267 SourceCodester Pizzafy Ecommerce System view_prod.php sql injection
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /viewprod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-7266
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...
EUVD-2026-26032
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...
CVE-2026-7266 SourceCodester Pizzafy Ecommerce System ajax.php save_order sql injection
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function saveorder of the file /admin/ajax.php?action=saveorder. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public an...
CVE-2026-7265 SourceCodester Pizzafy Ecommerce System index.php category sql injection
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploi...
CVE-2026-7264
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...
GHSA-63C8-M9M2-CVR3 Spring AI has SQL Injection in CosmosDBVectorStore.doDelete()
SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...
CVE-2026-7264
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...
CVE-2026-7264
SourceCodester Pizzafy Ecommerce System 1.0 contains a SQL injection flaw in the get_cart_items function (/admin/ajax.php?action=get_cart_items). The vulnerability is triggered by manipulating the ID argument, allowing remote exploitation. Public exploit material is available. No remediation deta...
CVE-2026-7264 SourceCodester Pizzafy Ecommerce System ajax.php get_cart_items sql injection
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function getcartitems of the file /admin/ajax.php?action=getcartitems. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been ma...
CVE-2026-40978
SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...
CVE-2026-40978
SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...
CVE-2026-7229
A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manipulation of the argument complaintreply results in sql injection. It is possible to initiate the...
CVE-2026-7226
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The manipulation of the argument e-mail leads to sql injection. Remote exploitation of the attack is possible. The exploit h...
CVE-2026-7227
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results in sql injection. The attack can be executed remotely. The exploit is now public and may be used...