CVE-2026-5647

LOW NVD

CVSS Score 2.4

Severity LOW

Published Apr 06, 2026

Vendor unknown

Description

A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/admin_feature.php of the component Add Product Page. The manipulation of the argument product_name results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used.

References

https://code-projects.org/
https://github.com/Jacky159/Pub_0323/issues/1
https://vuldb.com/submit/786171
https://vuldb.com/vuln/355435
https://vuldb.com/vuln/355435/cti