Submit #592780: CodeAstro Food Ordering System in PHP CodeIgniter 18/2021 Cross Site Scriptinginfo

TitleCodeAstro Food Ordering System in PHP CodeIgniter 18/2021 Cross Site Scripting
DescriptionA critical Stored Cross-Site Scripting (XSS) vulnerability was discovered in the stores section of Food Ordering System in PHP CodeIgniter. Attackers can inject malicious JavaScript via the patname field (POST parameter), which gets persistently stored in the database and executed whenever the profile page is viewed.
Source⚠️ https://github.com/Vanshdhawan188/Food-Ordering-System-in-PHP-CodeIgniter-/blob/main/Stored%20Cross-Site%20Scripting%20(XSS).md
User
 Subhash Paudel (UID 66830)
Submission06/08/2025 17:24 (1 Year ago)
Moderation06/15/2025 12:42 (7 days later)
StatusAccepted
VulDB entry312600 [CodeAstro Food Ordering System 1.0 POST Request Parameter /admin/store/edit/ Restaurant Name/Address cross site scripting]
Points18

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!