CVE-2025-12300

A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...

CVE-2025-12300 code-projects Simple Food Ordering System addcategory.php cross site scripting

A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...

CVE-2025-12300

The CVE-2025-12300 entry concerns code-projects Simple Food Ordering System 1.0. A cross-site scripting vulnerability exists in the /addcategory.php handler via the cname parameter, originating from insufficient input filtering/escaping. Exploitation is remote and public in some reports. Affected...

CVE-2025-11613

A vulnerability was found in code-projects Simple Food Ordering System 1.0. Affected is an unknown function of the file /addcategory.php. The manipulation of the argument cname results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

Travel Management System SQL Injection Vulnerability

Travel Management System is a travel management system. Travel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in parameter t1 in file /addcategory.php. An attacker can exploit this vulnerability to execute...

CVE-2024-51328

CVE-2024-51328 describes a cross-site scripting vulnerability in Projectworlds Travel Management System v1.0, specifically in the addcategory.php page. The issue arises from insufficient input handling of the t2 parameter, allowing a remote attacker to inject arbitrary script. The impact is user-...

CVE-2024-51328

Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter...

CVE-2024-51328

Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter...

CVE-2024-7838

A vulnerability was found in itsourcecode Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcategory.php. The manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The...

PT-2024-38617 · Unknown · Sourcecodester Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Food Ordering System version 1.0 Description: A critical issue affects some unknown functionality of the file /addcategory.php. The manipulation of the cname argument leads to SQL injection. The attack can be launched...

CVE-2017-16799

In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1name parameter to admin/moduleinterface.php during addition of a category, a related issue to CVE-2010-3882...