CVE-2025-56276

Medium CVSS: 5.4

code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the registration function. An attacker enters malicious JavaScript code as a username, which triggers the XSS vulnerability when the admin views user information, resulting in the disclosure of the admin's cookie information.

Vendor

Carmelo

Product

Food Ordering Review System

CWE

CWE-79

Yayın Tarihi

2025-09-16 14:15:55

Güncelleme

2025-09-18 16:49:14

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Food Ordering Review System MEDIUM Carmelo 2025

Referanslar

https://code-projects.org/food-ordering-review-system-in-php-with-source-code/ https://github.com/Chen1-Boop/CVE/blob/main/CVE-2025-56276.md https://github.com/Chen1-Boop/CVE/blob/main/CVE-2025-56276.md

Benzer Kayıtlar

Medium

CVE-2026-5019

A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability…

Medium

CVE-2026-5018

A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the fil…

Medium

CVE-2026-5017

A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of t…

Medium

CVE-2026-4533

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown fu…

Medium

CVE-2026-3763

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. The affected element is an unknown f…

Medium

CVE-2026-3745

A vulnerability was found in code-projects Student Web Portal 1.0. Affected is an unknown function of the file profile.p…