CVE-2025-12300 | code-projects Simple Food Ordering System 1.0 /addcategory.php cname cross site scripting

Inserito da Angelo Barbosa | Ott 26, 2025 | CVE

A vulnerability was found in code-projects Simple Food Ordering System 1.0. It has been classified as problematic. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting.

This vulnerability is handled as CVE-2025-12300. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-12300 | code-projects Simple Food Ordering System 1.0 /addcategory.php cname cross site scripting

Post correlati

CVE-2024-5639 | User Profile Picture Plugin up to 2.6.1 on WordPress resource injection

CVE-2023-28871 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0005)

CVE-2024-35345 | Diño Physics School Assistant 2.3 /classes/Users.php id cross site scripting

CVE-2024-29848 | Ivanti Avalanche FileStoreConfig unrestricted upload