CVE Details
Basic Information
| Title | code-projects Laundry System edit_laundry.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-06-06T12:31:07.174Z |
| Last Seen |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Laundry System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.1 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site scripting (XSS) vulnerability exists in code-projects Laundry System 1.0, specifically within the edit_laundry.php file. This vulnerability allows remote attackers to inject malicious scripts via the Customer argument, potentially leading to unauthorized actions on the affected system. |
|---|---|
| AI Severity | Medium |
| Vendor | code-projects |
| Product | Laundry System |
| Affected Version | 1.0 |
Affected Products
- code-projects Laundry System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family |
References
Description
A vulnerability was found in code-projects Laundry System 1.0. It has been classified as problematic. This affects an unknown part of the file /data/edit_laundry.php. The manipulation of the argument Customer leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.