Submit #802403: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injectioninfo

TitleSourceCodester Pizzafy Ecommerce System 1.0 SQL Injection
DescriptionTitle: Pizzafy Ecommerce System 1.0 Vulnerability Type: SQL Injection (Based Error) Severity: HIGH Status: Unpatched Description: A Error-based SQL Injection vulnerability was discovered in the delete functionality of the Pizzafy Ecommerce System. This vulnerability occurs because the id parameter is not properly sanitized, allowing an attacker to inject malicious SQL commands into the backend database query. Affected Version: 1.0 Endpoint or paramter vulnerable: /pizza/admin/ajax.php?action=delete_menu PoC: id=1' References: https://www.sourcecodester.com/php/18708/pizzafy-ecommerce-system.html
Source⚠️ https://github.com/fernando-mengali/vulndb-submissions/blob/main/02-vul-SQLI.md
User
 Fernando Mengali (UID 83791)
Submission04/10/2026 20:32 (3 months ago)
Moderation04/27/2026 17:43 (17 days later)
StatusAccepted
VulDB entry359825 [SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=delete_menu ID sql injection]
Points20

Do you know our Splunk app?

Download it now for free!