जमा करें #802416: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injectionजानकारी

शीर्षक	SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection
विवरण	Title: Pizzafy Ecommerce System 1.0 Vulnerability Type: SQL Injection (Based Error) Severity: HIGH Status: Unpatched Description: A Error-based SQL Injection vulnerability was discovered in the SELECT functionality of the Pizzafy Ecommerce System. This vulnerability occurs because the id parameter and user_id column database is not properly sanitized, allowing an attacker to inject malicious SQL commands into the backend database query. Affected Version: 1.0 Endpoint or paramter vulnerable: /pizza/admin/ajax.php?action=get_cart_count&id=1 PoC: /pizza/admin/ajax.php?action=get_cart_count&id=1%20and%20extractvalue(1,%20concat(0x7e,%20version()))%20-- References: https://www.sourcecodester.com/php/18708/pizzafy-ecommerce-system.html
स्रोत	⚠️ https://github.com/fernando-mengali/vulndb-submissions/blob/main/05-vul-SQLI.md
उपयोगकर्ता	Fernando Mengali (UID 83791)
सबमिशन	10/04/2026 08:46 PM (2 महीनों पहले)
संयम	27/04/2026 05:43 PM (17 days later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	359828 [SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=get_cart_count पहचान SQL इंजेक्शन]
अंक	20

Might our Artificial Intelligence support you?

Check our Alexa App!