PT-2026-29144 · Code Projects · Online Food Ordering System

Abhiram T

Publicado

2026-03-30

Atualizado

2026-03-31

CVE-2026-5157

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions code-projects Online Food Ordering System version 1.0

Description A cross-site scripting issue exists in the Order Module component, specifically within the file /form/order.php. Manipulation of the cust id argument can lead to the execution of malicious scripts. The attack can be performed remotely. The exploit is publicly available.

Recommendations Apply a fix for code-projects Online Food Ordering System version 1.0.

Exploit

Correção

Code Injection

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94CWE-79

Identificadores relacionados

CVE-2026-5157

Produtos afetados

Online Food Ordering System

PT-2026-29144 · Code Projects · Online Food Ordering System

CVE-2026-5157

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8