A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0 . It has been rated as critical . Impacted is an unknown function of the file /admin/index.php . Performing a manipulation of the argument page results in file inclusion. This vulnerability is reported as CVE-2026-10558 . The attack is possible to be carried out remotely. Moreover, an exploit is present.