CVE-2025-12299 | code-projects Simple Food Ordering System 1.0 /addproduct.php pname/category/price cross site scripting

Inserito da Angelo Barbosa | Ott 26, 2025 | CVE

A vulnerability was found in code-projects Simple Food Ordering System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting.

This vulnerability is known as CVE-2025-12299. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-12299 | code-projects Simple Food Ordering System 1.0 /addproduct.php pname/category/price cross site scripting

Post correlati

CVE-2024-23323 | envoyproxy envoy up to 1.26.6/1.27.2/1.28.0/1.29.0 resource consumption (GHSA-x278-4w4x-r7ch)

CVE-2024-8352 | Social Web Suite Plugin up to 4.1.11 on WordPress path traversal

CVE-2023-48286 | Accept Stripe Payments Plugin up to 2.0.79 on WordPress resource injection

CVE-2024-42248 | Linux Kernel up to 6.6.40/6.9.9 ma35d1 of_node null pointer dereference (23efa74cfe6e/0e0e15ab2d3a/acd09ac253b5)