Submit #787684: SourceCodester Online Food Ordering System 1.0 Cross Site Scriptinginfo

Titel	SourceCodester Online Food Ordering System 1.0 Cross Site Scripting
Beschreibung	A stored cross-site scripting (XSS) vulnerability exists in Online Food Ordering System 1.0. The flaw is found in the Category management module within the admin panel (/admin/?page=maintenance). The application fails to sanitize the 'Category Name' POST parameter before storing it in the SQLite database. This allows an authenticated attacker to inject arbitrary JavaScript that executes whenever the category list is viewed by an administrator or user.
Quelle	⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Online-Food-Ordering-System/Stored-XSS-Category-Name.md
Benutzer	Anonymous User
Einreichung	25.03.2026 03:22 (vor 18 Tagen)
Moderieren	08.04.2026 17:22 (15 days later)
Status	Duplikat
VulDB Eintrag	353956 [SourceCodester Online Food Ordering System 1.0 Category Management Category Name Cross Site Scripting]
Punkte	0