CVE-2026-10704
SQL Injection in SourceCodester Pizzafy E-Commerce System
Publication date: 2026-06-03
Last updated on: 2026-06-03
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sourcecodester | pizzafy_e-commerce_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-10704 is a critical SQL injection vulnerability found in the Pizzafy E-Commerce System version 1.0, specifically in the administrator login function located in the file /admin/admin_class_novo.php.
The vulnerability occurs because the username parameter in the login request is directly inserted into a MySQL query without proper sanitization or use of parameterized queries.
This flaw allows attackers to inject malicious SQL code, enabling them to bypass authentication and log in as any user, including administrators, without knowing their passwords.
The login endpoint lacks authentication checks, making it remotely exploitable by anyone.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to attackers gaining full administrative control over the Pizzafy E-Commerce System.
Attackers can bypass login authentication, enumerate credentials, and potentially execute remote code if combined with other vulnerabilities such as unauthenticated file upload flaws.
This can result in unauthorized access to sensitive data, manipulation of the system, and disruption of normal operations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /admin/ajax.php?action=login endpoint for SQL injection in the username POST parameter.
Tools like sqlmap can be used to automate detection, performing authentication bypass, boolean-based blind detection, UNION-based data extraction, and credential dumping.
- Use sqlmap with the target URL and POST data: sqlmap -u "http://target/admin/ajax.php?action=login" --data="username=admin&password=any" --risk=3 --level=5 --batch
- Manually test by injecting SQL payloads in the username field, such as 'admin' OR '1'='1' -- to check for authentication bypass.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing prepared statements or parameterized queries to prevent SQL injection.
- Add input validation and sanitization on the username parameter.
- Implement rate limiting and CAPTCHA to prevent automated brute-force attacks.
- Enable multi-factor authentication and account lockout policies to reduce risk of unauthorized access.
- Add audit logging to monitor suspicious login attempts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The SQL injection vulnerability in the administrative login function of the Pizzafy E-Commerce System allows attackers to bypass authentication and gain full administrative control. This unauthorized access can lead to exposure, modification, or deletion of sensitive personal and payment data stored within the system.
Such unauthorized access and potential data breaches can result in non-compliance with data protection regulations like GDPR and HIPAA, which mandate strict controls over personal and health-related information. Failure to protect this data adequately may lead to legal penalties, reputational damage, and loss of customer trust.
Mitigations such as implementing prepared statements, multi-factor authentication, audit logging, and input validation are critical to reduce the risk of exploitation and help maintain compliance with these standards.