CVE-2026-4898 | code-projects Online Food Ordering System 1.0 /dbfood/contact.php Name cross site scripting

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability classified as problematic has been found in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is traded as CVE-2026-4898. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2026-4898 | code-projects Online Food Ordering System 1.0 /dbfood/contact.php Name cross site scripting

Post correlati

CVE-2024-50842 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request school_year.php school_year cross site scripting

CVE-2023-49778 | Hakan Demiray Sayfa Sayac Plugin up to 2.6 on WordPress deserialization

CVE-2024-37905 | goauthentik prior 2024.2.4/2024.4.2/2024.6.0 API-Access-Token access control (GHSA-c78c-2r9w-p7x4)

CVE-2024-51661 | David Lingren Media Library Assistant Plugin up to 3.19 on WordPress os command injection