Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.1
CVE-2026-10558: SourceCodester Pizzafy Ecommerce System: Remote File Inclusion Risk
CVE-2026-10558
Summary
The Pizzafy Ecommerce System, version 1.0, has a security flaw that allows an attacker to access and include unauthorized files on a website. This could potentially allow an attacker to access sensitive data or take control of the website. It's recommended to update to the latest version or seek assistance from a security expert to patch this vulnerability.
Original title
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in ...
Original description
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may be used.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
2.1
Vulnerability type
CWE-73
Published: 2 Jun 2026 · Updated: 2 Jun 2026 · First seen: 2 Jun 2026