Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi is an online ordering system for Gadget Works developed using PHP/MySQLi. The main goal of this online ordering system is to improve customer convenience. Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 is vulnerable to a cross-site scripting vulnerability that originates in the category/index.php add function in the Category parameter of category/index.php. An attacker could exploit this vulnerability to insert malicious code.