Enviar #831321: SourceCodester Pizzafy E-Commerce System 1.0 SQL injectioninformación

Título	SourceCodester Pizzafy E-Commerce System 1.0 SQL injection
Descripción	During the security review of Pizzafy E-Commerce System v1.0, a critical SQL injection vulnerability was discovered in the administrator authentication mechanism. This vulnerability stems from insufficient user input validation of the `username` parameter in the login form, allowing attackers to inject malicious SQL queries. Since this is the gateway to the administrative control panel and requires no prior authentication, exploitation is trivial for any remote attacker.
Fuente	⚠️ https://github.com/nuiifornet/A033/blob/main/pizzafy-vulnerability.md
Usuario	Fklov (UID 98102)
Sumisión	2026-05-16 04:03 (hace 22 días)
Moderación	2026-06-02 19:44 (18 days later)
Estado	Aceptado
Entrada de VulDB	368017 [SourceCodester Pizzafy E-Commerce System 1.0 Administrative Control Panel admin_class_novo.php login Nombre de usuario inyección SQL]
Puntos	20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!