CVE-2025-6778

Name of the Vulnerable Software and Affected Versions: code-projects Food Distributor Site version 1.0

Description: A vulnerability was found in the code-projects Food Distributor Site, affecting an unknown function of the file /admin/save settings.php. The manipulation of the argument site phone, site email, or address leads to cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations: For code-projects Food Distributor Site version 1.0, as a temporary workaround, consider disabling the functionality related to the file /admin/save settings.php until a patch is available. Restrict access to the site phone, site email, and address arguments in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.