Submission #803613: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection (Error-Based)
Info

Title: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection (Error-Based)
Description: Pizzafy Ecommerce System 1.0 contains an authenticated, error-based SQL injection vulnerability in the save_settings functionality: the name parameter handled by the endpoint /pizzafy/admin/ajax.php?action=save_settings is concatenated into an SQL UPDATE statement without sanitization. An authenticated attacker with access to the administrative settings feature can inject arbitrary SQL expressions and trigger database errors that disclose backend information, such as the current database name. The same flaw can be abused to enumerate the database structure, extract sensitive records, and potentially modify application data. The root cause is unsafe dynamic SQL construction in the save_settings() method, which embeds POST parameters directly into the query instead of using parameterized statements or sufficient input validation. This issue maps to CWE-89: Improper Neutralization of Special Elements used in an SQL Command.
Source: https://github.com/r3ng4f/Pizzafy_1/edit/main/01-exploit.md
User: r3ng4f (UID 73285)
Submitted: 13/04/2026 05:02 PM (2 months ago)
Moderated: 29/04/2026 03:17 PM (16 days later)
Status: Accepted
VulDB Entry: 360141 [SourceCodester Pizzafy Ecommerce System 1.0 Setting ajax.php?action=save_settings SQL Injection]
Points: 20
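The description above states the root cause (a POST value concatenated into an UPDATE) but the page does not show the application's code. The following is an added example, not Pizzafy's own code or the submitter's exploit: it reconstructs the flawed pattern as a hypothetical save_settings handler against an assumed settings table (the table name system_info and its columns are assumptions), runs it beside a parameterized version, and shows how a single quote in the name value surfaces as a database error while a crafted value rewrites the WHERE clause and overwrites a different setting. SQLite is used so it runs offline; the MySQL-specific functions that leak data through error messages are not shown on the page and are not part of this example.

```python
import sqlite3

# Constructed sample schema standing in for the application's settings table.
# Assumption: the real Pizzafy schema is not shown on the page.
SCHEMA = """
CREATE TABLE system_info (
    meta_field TEXT PRIMARY KEY,
    meta_value TEXT
);
INSERT INTO system_info VALUES ('name', 'Pizzafy'), ('email', 'admin@example.com');
"""


def fresh_db():
    """Return a new in-memory database seeded with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def save_settings_vulnerable(conn, post):
    """Hypothetical reconstruction of the flawed pattern: the POST value is
    concatenated straight into the UPDATE, so quotes and SQL syntax inside
    the value are parsed as part of the statement."""
    sql = ("UPDATE system_info SET meta_value = '" + post["name"] + "'"
           " WHERE meta_field = 'name'")
    conn.execute(sql)
    conn.commit()


def save_settings_fixed(conn, post):
    """Hardened form: a bound parameter carries the value to the driver, so
    it is stored verbatim and never reaches the SQL parser as code."""
    conn.execute("UPDATE system_info SET meta_value = ? WHERE meta_field = 'name'",
                 (post["name"],))
    conn.commit()


def get_setting(conn, field):
    return conn.execute("SELECT meta_value FROM system_info WHERE meta_field = ?",
                        (field,)).fetchone()[0]


def run_demo(handler, payload):
    """Run one handler with an attacker-controlled name value and report
    (database error message or None, stored name, stored email)."""
    conn = fresh_db()
    try:
        handler(conn, {"name": payload})
        err = None
    except sqlite3.Error as e:
        # Error-based probing relies on exactly this: the DB rejects the
        # malformed statement and the application surfaces the message.
        err = str(e)
    return err, get_setting(conn, "name"), get_setting(conn, "email")


# A bare quote breaks the statement; a crafted value closes the literal,
# supplies its own WHERE clause and comments out the original one.
PROBE = "'"
TAMPER = "x' WHERE meta_field = 'email' -- "

if __name__ == "__main__":
    for label, handler in (("vulnerable", save_settings_vulnerable),
                           ("fixed", save_settings_fixed)):
        for payload in (PROBE, TAMPER):
            err, name, email = run_demo(handler, payload)
            print(f"{label:10} {payload!r:40} error={err!r} name={name!r} email={email!r}")
```

With the vulnerable handler the probe produces a database error and the tamper value overwrites the email row instead of the name row; with the bound-parameter version both values are simply stored as the new name and no other row changes.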
