PT-2026-7076 · Unknown · Code-Projects Online Reviewer System

Shu For Security

Publicado

2026-02-09

Atualizado

2026-02-09

CVE-2026-2222

CVSS v3.1

4.8

Média

Vetor

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions code-projects Online Reviewer System version 1.0

Description A security issue exists in code-projects Online Reviewer System 1.0. A manipulation of the firstname argument within the file '/system/system/admins/manage/users/btn functions.php' can lead to cross site scripting. This attack can be performed remotely. The exploit is publicly available.

Recommendations Address the manipulation of the firstname argument in the file '/system/system/admins/manage/users/btn functions.php' to prevent cross site scripting.

Exploit

Correção

XSS

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79CWE-94

Identificadores relacionados

CVE-2026-2222

Produtos afetados

Code-Projects Online Reviewer System

PT-2026-7076 · Unknown · Code-Projects Online Reviewer System

CVE-2026-2222

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10