Submeter #831321: SourceCodester Pizzafy E-Commerce System 1.0 SQL injectioninformação

TítuloSourceCodester Pizzafy E-Commerce System 1.0 SQL injection
DescriçãoDuring the security review of Pizzafy E-Commerce System v1.0, a critical SQL injection vulnerability was discovered in the administrator authentication mechanism. This vulnerability stems from insufficient user input validation of the `username` parameter in the login form, allowing attackers to inject malicious SQL queries. Since this is the gateway to the administrative control panel and requires no prior authentication, exploitation is trivial for any remote attacker.
Fonte⚠️ https://github.com/nuiifornet/A033/blob/main/pizzafy-vulnerability.md
Utilizador
 Fklov (UID 98102)
Submissão16/05/2026 04h03 (há 20 dias)
Moderação02/06/2026 19h44 (18 days later)
EstadoAceite
Entrada VulDB368017 [SourceCodester Pizzafy E-Commerce System 1.0 Administrative Control Panel admin_class_novo.php login Nome de utilizador Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!