Enviar #802415: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injectioninformación

TítuloSourceCodester Pizzafy Ecommerce System 1.0 SQL Injection
DescripciónTitle: Pizzafy Ecommerce System 1.0 Vulnerability Type: SQL Injection (Based Error) Severity: HIGH Status: Unpatched Description: A Error-based SQL Injection vulnerability was discovered in the SELECT functionality of the Pizzafy Ecommerce System. This vulnerability occurs because the e-mail parameter is not properly sanitized, allowing an attacker to inject malicious SQL commands into the backend database query. Affected Version: 1.0 Endpoint or paramter vulnerable: POST /pizza/admin/ajax.php?action=login PoC: username=-1' union select 1,2,database(),version(),5%23&password=password References: https://www.sourcecodester.com/php/18708/pizzafy-ecommerce-system.html
Fuente⚠️ https://github.com/fernando-mengali/vulndb-submissions/blob/main/04-vul-SQLI.md
Usuario
 Fernando Mengali (UID 83791)
Sumisión2026-04-10 20:41 (hace 2 meses)
Moderación2026-04-27 17:43 (17 days later)
EstadoAceptado
Entrada de VulDB359827 [SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=login e-mail inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!