जमा करें #831321: SourceCodester Pizzafy E-Commerce System 1.0 SQL injectionजानकारी

शीर्षकSourceCodester Pizzafy E-Commerce System 1.0 SQL injection
विवरणDuring the security review of Pizzafy E-Commerce System v1.0, a critical SQL injection vulnerability was discovered in the administrator authentication mechanism. This vulnerability stems from insufficient user input validation of the `username` parameter in the login form, allowing attackers to inject malicious SQL queries. Since this is the gateway to the administrative control panel and requires no prior authentication, exploitation is trivial for any remote attacker.
स्रोत⚠️ https://github.com/nuiifornet/A033/blob/main/pizzafy-vulnerability.md
उपयोगकर्ता
 Fklov (UID 98102)
सबमिशन16/05/2026 04:03 AM (20 दिन पहले)
संयम02/06/2026 07:44 PM (18 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि368017 [SourceCodester Pizzafy E-Commerce System 1.0 Administrative Control Panel admin_class_novo.php login उपयोगकर्ता नाम SQL इंजेक्शन]
अंक20

पिछलासिंहावलोकनअगला

Do you need the next level of professionalism?

Upgrade your account now!