CVE-2026-2224 | code-projects Online Reviewer System 1.0 btn_functions.php firstname cross site scripting

Inserito da Angelo Barbosa | Feb 8, 2026 | CVE

A vulnerability categorized as problematic has been discovered in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btn_functions.php. The manipulation of the argument firstname results in cross site scripting.

This vulnerability is known as CVE-2026-2224. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2026-2224 | code-projects Online Reviewer System 1.0 btn_functions.php firstname cross site scripting

Post correlati

CVE-2025-4373 | GNOME GLib up to 2.84.1 glib/gstring.c g_string_insert_unichar buffer overflow

CVE-2025-62076 | Simple Payment Plugin up to 2.4.6 on WordPress cross site scripting

CVE-2026-1285 | Django up to 4.2.27/5.2.10/6.0.1 django.utils.text.Truncator.chars/Truncator.words algorithmic complexity

CVE-2024-32866 | edmundhung conform up to 1.1.0 parseWith prototype pollution (GHSA-624g-8qjg-8qxf)