Отправить #802387: SourceCodester Pizzafy Ecommerce System 1.0 SQL InjectionИнформация

Название	SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection
Описание	Title: Pizzafy Ecommerce System 1.0 Vulnerability Type: SQL Injection (Based Error) Severity: HIGH Status: Unpatched Description: A Error-based SQL Injection vulnerability was discovered in the delete cart functionality of the Pizza Ecommerce System. This vulnerability occurs because the id parameter is not properly sanitized, allowing an attacker to inject malicious SQL commands into the backend database query. Affected Version: 1.0 Endpoint or paramter vulnerable: /pizza/admin/ajax.php?action=delete_cart PoC: -1 OR extractvalue(1,concat(0x7e,database())) -- References: https://www.sourcecodester.com/php/18708/pizzafy-ecommerce-system.html
Источник	⚠️ https://github.com/fernando-mengali/vulndb-submissions/blob/main/01-vul-SQLI.md
Пользователь	Fernando Mengali (UID 83791)
Представление	10.04.2026 20:26 (2 месяцы назад)
Модерация	27.04.2026 17:43 (17 days later)
Статус	принято
Запись VulDB	359824 [SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=delete_cart ИД SQL-инъекция]
Баллы	20

Do you need the next level of professionalism?

Upgrade your account now!