CVE Details
Basic Information
| Title |
SourceCodester Food Menu Manager Add Menu index.php cross site scripting |
| Type |
cve |
| Published |
2025-06-05T01:31:05.484Z |
| Last Seen |
|
Product Information
| Vendor |
SourceCodester |
| Product |
Food Menu Manager |
| Version |
1.0 |
CVSS Information
| Base Score |
5.1 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A cross-site scripting vulnerability exists in the Add Menu Handler component of SourceCodester Food Menu Manager 1.0. Attackers can exploit this by injecting malicious scripts into the ‘name’ or ‘description’ parameters, potentially compromising user sessions or redirecting to malicious sites. The vulnerability is remotely exploitable and has been publicly disclosed. |
| AI Severity |
Medium |
| Vendor |
SourceCodester |
| Product |
Food Menu Manager |
| Affected Version |
1.0 |
Additional Information
| CVE List |
|
| CWE List |
CWE-79, CWE-94 |
| Bulletin Family |
|
| Source Data |
SourceCodester Food Menu Manager 1.0 |
Source Information
| Source Data |
SourceCodester Food Menu Manager 1.0 |
| Source Link |
|
Description
A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the argument name/description leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
View Full CVE Details
