CVE-2025-12301 code-projects Simple Food Ordering System editproduct.php unrestricted upload

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed...

CVE-2025-12300 code-projects Simple Food Ordering System addcategory.php cross site scripting

A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...

CVE-2025-12300

The CVE-2025-12300 entry concerns code-projects Simple Food Ordering System 1.0. A cross-site scripting vulnerability exists in the /addcategory.php handler via the cname parameter, originating from insufficient input filtering/escaping. Exploitation is remote and public in some reports. Affected...

CVE-2025-12300 code-projects Simple Food Ordering System addcategory.php cross site scripting

A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...

EUVD-2025-36222

A weakness has been identified in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addcategory.php. This manipulation of the argument cname causes cross site scripting. The attack can be initiated remotely. The exploit has been made available ...

CVE-2025-12298

A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

CVE-2025-12299

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

CVE-2025-12299

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

CVE-2025-12298

A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

CVE-2025-12299 code-projects Simple Food Ordering System addproduct.php cross site scripting

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

CVE-2025-12299 code-projects Simple Food Ordering System addproduct.php cross site scripting

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

EUVD-2025-36229

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This vulnerability affects unknown code of the file /addproduct.php. The manipulation of the argument pname/category/price results in cross site scripting. It is possible to launch the attack remotely. The explo...

CVE-2025-12299

CVE-2025-12299 affects code-projects Simple Food Ordering System 1.0. The vulnerability is a cross-site scripting flaw in /addproduct.php, triggered by manipulating the pname, category, or price parameters. It can be exploited remotely, and multiple sources note that public exploits exist. Report...

CVE-2025-12298

The CVE-2025-12298 entry concerns code-projects’ Simple Food Ordering System 1.0, with a cross-site scripting (XSS) flaw in /editcategory.php via the pname parameter. Public exploitation is indicated across multiple connected sources (CNVD, RH, NVD, CVE list, etc.), suggesting remote initiation a...

CVE-2025-12298 code-projects Simple Food Ordering System editcategory.php cross site scripting

A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

CVE-2025-12298 code-projects Simple Food Ordering System editcategory.php cross site scripting

A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

PT-2025-43992

Name of the Vulnerable Software and Affected Versions code-projects Simple Food Ordering System version 1.0 Description A security flaw exists in code-projects Simple Food Ordering System 1.0. The issue affects unknown code within the /addproduct.php file. Manipulation of the pname/category/price...

PT-2025-44032

Name of the Vulnerable Software and Affected Versions code-projects Food Ordering System version 1.0 Description A flaw exists in code-projects Food Ordering System 1.0 where manipulation of the itemID argument in an unknown function within the '/admin/deleteitem.php' file can lead to SQL...

Food Ordering System SQL注入漏洞

Food Ordering System is a food ordering system by Siddhesh Personal Developer. A SQL injection vulnerability exists in Food Ordering System version 1.0, which stems from an incorrect manipulation of the parameter itemPrice in the file /admin/menu.php, which could lead to a SQL injection attack...

Code-Projects Simple Food Ordering System 代码问题漏洞

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System has a file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter photo in the file /editproduct.php. No details of the vulnerability are available at this time...