| Title | SourceCodester Pizzafy Ecommerce System using PHP and MySQL 1.0 SQL Injection |
|---|---|
| Description | The admin/view_order.php endpoint in Pizzafy Ecommerce System 1.0 fails to properly sanitize the id GET parameter before passing it to a MySQL query. An authenticated administrator can manipulate this parameter to inject arbitrary SQL, leading to full database compromise. |
| Source | ⚠️ https://github.com/Xmyronn/SQL-Injection-in-Pizzafy-Ecommerce-System-admin-view_order.php.git |
| User | imad alvi (UID 97088) |
| Submission | 2026-04-13 01:17 PM (2 months ago) |
| Moderation | 2026-04-29 11:40 AM (16 days later) |
| Status | Accepted |
| VulDB entry | 360119 [SourceCodester Pizzafy Ecommerce System 1.0 GET Parameter /admin/view_order.php id SQL injection] |
| Points | 18 |