CVE-2025-6778

Sažetak

A vulnerability, which was classified as problematic, was found in code-projects Food Distributor Site 1.0. Affected is an unknown function of the file /admin/save_settings.php. The manipulation of the argument site_phone/site_email/address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Reference

https://code-projects.org/
https://github.com/fubxx/CVE/blob/main/Food%20Distributor%20system%20XSS%202.md
https://github.com/fubxx/CVE/blob/main/Food%20Distributor%20system%20XSS%203.md
https://vuldb.com/?ctiid.314094
https://vuldb.com/?id.314094
https://vuldb.com/?submit.602600
https://vuldb.com/?submit.602601
https://vuldb.com/?submit.602602

CVSS

Base:	3.3
Impact:	2.9
Exploitability:	6.4

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	MULTIPLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:M/C:N/I:P/A:N

Zadnje važnije ažuriranje

27-06-2025 - 21:15

Objavljeno

27-06-2025 - 21:15