Bhaskar10

**Name of the Vulnerable Software and Affected Versions** SourceCodester Pizzafy Ecommerce System version 1.0 **Description** A remote file inclusion issue exists in the `/admin/index.php` endpoint. Manipulation of the `page` argument allows a remote attacker to include arbitrary files. **Recommendations** Update SourceCodester Pizzafy Ecommerce System to a version newer than 1.0. As a temporary workaround, restrict access to the `/admin/index.php` endpoint or avoid using the `page` parameter until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** SourceCodester Pizzafy Ecommerce System version 1.0 **Description** A remote file inclusion flaw exists in the `/index.php` file. By manipulating the `page` argument, a remote attacker can include external files into the application. **Recommendations** Update SourceCodester Pizzafy Ecommerce System version 1.0 to a patched version. As a temporary workaround, restrict or validate the input of the `page` argument in the `/index.php` file to prevent the inclusion of unauthorized files.