PT-2026-28662 · Code Projects · Online Food Ordering System
Ahmadmarzook
·
Published
2026-03-26
·
Updated
2026-03-26
·
CVE-2026-4898
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
code-projects Online Food Ordering System version 1.0
Description
A flaw exists in code-projects Online Food Ordering System 1.0, specifically within an unknown functionality of the
/dbfood/contact.php file. Manipulating the Name parameter can lead to cross site scripting. This attack can be initiated remotely, and a public exploit is available.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Online Food Ordering System