5 matches found
CVE-2025-5764
CVE-2025-5764 concerns code-projects Laundry System 1.0. The vulnerability is a cross-site scripting (XSS) flaw in the /data/insert_laundry.php file, triggered by manipulating the Customer parameter. Attackers may exploit this remotely, and the exploit has been publicly disclosed. Public document...
CVE-2025-5797
Code-projects Laundry System 1.0 contains a cross-site scripting (XSS) vulnerability in /data/insert_type.php via the Type parameter. The issue allows remote attacker input to inject scripts; exploit has been disclosed publicly and may be used. Supported by CNVD/CNNVD entries. There is no patch i...
CVE-2025-5765
CVE-2025-5765 affects code-projects Laundry System 1.0, with a cross-site scripting vulnerability in /data/edit_laundry.php via the Customer parameter. Root cause is improper input handling/escaping of user-supplied data, enabling arbitrary script execution. Exploitation is possible remotely and ...
CVE-2025-5796
CVE-2025-5796 concerns code-projects Laundry System 1.0. The vulnerability is a cross-site scripting flaw in the parameter Type of the file /data/edit_type.php . Publicly disclosed exploit enables remote abuse; multiple sources describe the issue as an input-filter/escaping weakness affecting unk...
CVE-2025-5766
CVE-2025-5766 concerns a cross-site request forgery in the code-projects Laundry System 1.0 . The vulnerability arises from a web application that does not adequately validate that a request comes from a trusted user, enabling an attacker to spoof a malicious request to trigger a sensitive operat...