PT-2026-7076 · Unknown · Code-Projects Online Reviewer System
Shu For Security
·
Published
2026-02-09
·
Updated
2026-02-09
·
CVE-2026-2222
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
code-projects Online Reviewer System version 1.0
Description
A security issue exists in code-projects Online Reviewer System 1.0. A manipulation of the
firstname argument within the file '/system/system/admins/manage/users/btn functions.php' can lead to cross site scripting. This attack can be performed remotely. The exploit is publicly available.Recommendations
Address the manipulation of the
firstname argument in the file '/system/system/admins/manage/users/btn functions.php' to prevent cross site scripting.Exploit
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Code-Projects Online Reviewer System