CVE-2026-2222 | code-projects Online Reviewer System 1.0 btn_functions.php firstname cross site scripting

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability was found in code-projects Online Reviewer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btn_functions.php. Executing a manipulation of the argument firstname can lead to cross site scripting.

This vulnerability appears as CVE-2026-2222. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-2222 | code-projects Online Reviewer System 1.0 btn_functions.php firstname cross site scripting

Post correlati

CVE-2024-25594 | MyWaze Plugin up to 1.6 on WordPress Shortcode cross site scripting

CVE-2024-13685 | Admin and Site Enhancements Plugin up to 7.6.9 on WordPress Login authentication spoofing

CVE-2024-38105 | Microsoft Windows up to Server 2022 23H2 Layer-2 Bridge Network Driver denial of service

CVE-2025-11481 | varunsardana004 Blood-Bank-And-Donation-Management-System up to dc9e0393d826fbc85fad9755b5bc12cba1919df2 /donate_blood.php fullname sql injection