CVE-2026-13571

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Jun 29, 2026

Vendor unknown

Description

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument item_price can lead to business logic errors. The attack may be performed from remote. The exploit has been published and may be used.

References

https://github.com/ogh-bnz/Simple-Food-Ordering-System/blob/main/Simple-Food-Ordering-System-Price-Manipulation.md
https://vuldb.com/cve/CVE-2026-13571
https://vuldb.com/submit/844355
https://vuldb.com/vuln/374579
https://vuldb.com/vuln/374579/cti