Gửi #802465: SourceCodester Pizzafy Ecommerce System 1.0 SQL Injectionthông tin

tiêu đề	SourceCodester Pizzafy Ecommerce System 1.0 SQL Injection
Mô tả	Title: Pizzafy Ecommerce System 1.0 Vulnerability Type: SQL Injection (Based Error) Severity: HIGH Status: Unpatched Description: A Error-based SQL Injection vulnerability was discovered in the SELECT functionality of the Pizzafy Ecommerce System. This vulnerability occurs because the name parameter and name column is not properly sanitized, allowing an attacker to inject malicious SQL commands into the backend database query. Affected Version: 1.0 Endpoint or parameter vulnerable: /pizza/admin/ajax.php?action=save_category PoC: ------WebKitFormBoundaryTgJxQBXajmMnccmX Content-Disposition: form-data; name="name" Pizza' ------WebKitFormBoundaryTgJxQBXajmMnccmX-- References: https://www.sourcecodester.com/php/18708/pizzafy-ecommerce-system.html
Nguồn	⚠️ https://github.com/fernando-mengali/vulndb-submissions/blob/main/10-vul-SQLI.md
Người dùng	Fernando Mengali (UID 83791)
Đệ trình	10/04/2026 21:28 (cách đây 2 các tháng)
Kiểm duyệt	28/04/2026 07:23 (17 days later)
Trạng thái	được chấp nhận
Mục VulDB	359919 [SourceCodester Pizzafy Ecommerce System 1.0 ajax.php?action=save_category Tên Tiêm SQL]
điểm	20

Do you know our Splunk app?

Download it now for free!