CVE-2024-57326

6.1 MEDIUM

📋 TL;DR

A reflected cross-site scripting (XSS) vulnerability in Online Pizza Delivery System 1.0 lets an attacker inject arbitrary HTML and JavaScript through the search parameter of search.php, which writes the value back into the page without output encoding. Because the flaw is reflected, a victim must open an attacker-crafted link; the injected script then runs in the victim's browser in the site's origin, where it can read any cookie not marked HttpOnly, redirect the user, or submit requests as the logged-in user.

💻 Affected Systems

Products:
  • Online Pizza Delivery System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation. Requires search.php to be accessible and search parameter to be processed.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An administrator follows a crafted link while logged in. The script hijacks the admin session (or, if the session cookie is HttpOnly, issues requests from the admin's browser instead), giving the attacker control of the back end, access to customer PII, and the ability to modify orders and payment records.

🟠

Likely Case

A customer follows a crafted link. The script steals the session cookie to hijack the account, redirects the user to a phishing page, or submits orders and profile changes as that user.

🟢

If Mitigated

With output encoding in search.php the injected markup is rendered as literal text and nothing executes. A Content Security Policy that disallows inline scripts blocks the payload even where encoding is missed, and an HttpOnly session cookie keeps the session token out of reach of any script that does run.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple reflected XSS with a public proof-of-concept. The attacker needs no account, but the victim must visit the attacker-supplied URL, so exploitation depends on phishing or another link-delivery channel.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No vendor patch or advisory has been published, so the fix is manual:

1. If a corrected search.php is available from the GitHub reference, replace the vulnerable file with it.
2. Otherwise, edit search.php so that every place the search parameter is written into the page passes through htmlspecialchars() with ENT_QUOTES (see the Input Sanitization workaround below).
3. Add a Content-Security-Policy header that disallows inline scripts, and mark the session cookie HttpOnly.
4. Re-test with the payload under How to Verify and confirm the response source shows the payload encoded.
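The hardened search handler below is an added example and not the project's own search.php; it assumes the page reflects the search parameter into the page body and into the search box's value attribute (both assumptions). It shows the vulnerable pattern in a comment, the encoding fix for both contexts, and the defence-in-depth headers the instructions above call for.

```php
<?php
// Added hardening example for search.php (not the Online Pizza Delivery
// System's original code). Assumes PHP 8+ and that the template reflects
// the search term into HTML text and into an attribute (assumptions).
declare(strict_types=1);

// Vulnerable pattern this replaces (do NOT use):
//   echo "Results for: " . $_GET['search'];
// Anything in the parameter, e.g. <script>...</script>, is sent to the browser
// verbatim and executes in the site's origin.

// Encode a string for insertion into HTML text or a quoted attribute value.
// ENT_QUOTES is what makes the value safe inside value="..." or value='...'.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Read and bound the search term. Rejects non-string input (?search[]=x
// arrives as an array and would otherwise reach string functions).
function readSearchTerm(array $get, int $maxLen = 100): string
{
    $raw = $get['search'] ?? '';
    if (!is_string($raw)) {
        return '';
    }
    $term = trim($raw);
    return mb_strlen($term, 'UTF-8') > $maxLen ? mb_substr($term, 0, $maxLen, 'UTF-8') : $term;
}

// Defence in depth: block inline <script> and on* handlers even if some
// other template forgets to encode, and stop MIME sniffing of responses.
function sendSecurityHeaders(): void
{
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");
    header('X-Content-Type-Options: nosniff');
}

// Keep the session token out of document.cookie. XSS can still act from the
// victim's browser, but cannot exfiltrate the cookie itself.
ini_set('session.cookie_httponly', '1');
ini_set('session.cookie_samesite', 'Lax');
session_start();
sendSecurityHeaders();

$term = readSearchTerm($_GET);
?>
<form method="get" action="search.php">
  <!-- attribute context: h() turns " and ' into entities so the value cannot
       break out of value="..." -->
  <input type="text" name="search" value="<?= h($term) ?>">
  <button type="submit">Search</button>
</form>
<!-- text context: <, > and & are encoded, so injected tags render as text -->
<p>Results for: <strong><?= h($term) ?></strong></p>
```

h() covers HTML text and attribute contexts only. If the project also writes the term into a JavaScript block or a URL, those contexts need json_encode() and rawurlencode() respectively; htmlspecialchars() is not sufficient there.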

🔧 Temporary Workarounds

Input Sanitization

Platform: all

Output-encode the search parameter everywhere it is written into the HTML, rather than trying to strip tags on input (strip-on-input is easy to bypass and breaks legitimate searches containing < or &):

$search = htmlspecialchars($_GET['search'] ?? '', ENT_QUOTES | ENT_HTML5, 'UTF-8');

ENT_QUOTES is required so the value is also safe inside a single- or double-quoted attribute such as the search box's value="...". This does not protect a value written inside a <script> block or an href; those contexts need JSON or URL encoding instead.

WAF Rule

Platform: all

Block requests whose search parameter contains script tags, event handlers or javascript: URLs. The rule must decode and lowercase the argument first, or trivial variants (%3Cscript%3E, <ScRiPt>, <img onerror=...>) pass straight through:

ModSecurity rule: SecRule ARGS:search "@rx <\s*/?\s*(script|img|svg|iframe|object|embed)\b|\bon[a-z]+\s*=|javascript\s*:" "id:1001,phase:2,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:lowercase,deny,status:403,log,msg:'XSS probe in search parameter'"

A signature rule is a stopgap only: it does not fix the missing output encoding, and payloads the regex does not cover will bypass it.

🧯 If You Can't Patch

  • Disable search.php functionality if not essential
  • Implement a strict Content Security Policy that disallows inline scripts; this is only effective if the application's own pages do not depend on inline scripts
  • Set the session cookie HttpOnly (session.cookie_httponly=1 in php.ini) so a script cannot read it; this limits session theft but not actions performed from the victim's browser

🔍 How to Verify

Check if Vulnerable:

Request search.php?search=<script>alert('XSS')</script> (URL-encoded: search.php?search=%3Cscript%3Ealert('XSS')%3C/script%3E) in a browser; an alert dialog confirms the flaw. Also view the response source: if the literal string <script> appears unencoded in the HTML, the page is vulnerable even where a Content Security Policy happens to suppress the alert.

Check Version:

Check the system documentation or about page for version information, and treat any 1.0 installation that still reflects the search parameter unencoded as vulnerable.

Verify Fix Applied:

Repeat the same request and confirm that no script executes and that the response source shows the payload encoded (&lt;script&gt; rather than <script>).

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to search.php whose search parameter contains script tags, on* event handlers or javascript: URLs (payloads normally arrive URL-encoded, e.g. %3Cscript%3E, so match on the decoded value)
  • Search terms containing HTML or JavaScript syntax that no legitimate menu search would use

Network Indicators:

  • HTTP requests containing <script> tags in GET parameters
  • Multiple rapid requests to search.php with encoded payloads

SIEM Query:

source="web_logs" AND uri="*search.php*" AND (param="*<script*" OR param="*%3Cscript*" OR param="*javascript:*" OR param="*onerror=*")

Field names depend on the log schema; URL-decode and lowercase the search parameter before matching, or the encoded and mixed-case variants are missed.
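The log scanner below is an added example, not part of the advisory or the project. It implements the log and network indicators above over a few constructed Apache combined-format lines: it isolates the search parameter of requests to search.php, normalises it the way the application would see it (URL-decode, including a second pass for double encoding, HTML-entity decode, lowercase), matches the same indicator patterns as the WAF rule, and counts probes per source IP. Assumes PHP 8+.

```php
<?php
// Added detection example (not the advisory's or the project's code).
// Scans Apache combined-format access log lines for XSS probes against
// search.php. The sample log lines below are constructed for this example.
declare(strict_types=1);

// Normalise a parameter value: decode twice (catches double encoding used
// for WAF evasion), decode HTML entities, lowercase.
function normaliseTerm(string $raw): string
{
    $s = rawurldecode(rawurldecode($raw));
    $s = html_entity_decode($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return strtolower($s);
}

// Indicators, applied to the normalised value. Expect some noise from
// "on...=" in unusual search terms; tune against your own traffic.
const XSS_PATTERNS = [
    'script/html tag'    => '/<\s*\/?\s*(script|img|svg|iframe|object|embed|body)\b/',
    'event handler'      => '/\bon[a-z]{2,20}\s*=/',
    'javascript: url'    => '/javascript\s*:/',
];

// Parse one combined-format line into [ip, timestamp, method, target, status].
function parseLogLine(string $line): ?array
{
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    return ['ip' => $m[1], 'time' => $m[2], 'method' => $m[3], 'target' => $m[4], 'status' => $m[5]];
}

// Return one hit per request to search.php whose search parameter matches an
// indicator. Each hit records the IP, time, the indicator name and the
// normalised term so an analyst can see what was actually attempted.
function findXssProbes(array $logLines): array
{
    $hits = [];
    foreach ($logLines as $line) {
        $req = parseLogLine($line);
        if ($req === null) {
            continue;
        }
        $path = parse_url($req['target'], PHP_URL_PATH) ?? '';
        if (!str_ends_with($path, 'search.php')) {
            continue;
        }
        parse_str(parse_url($req['target'], PHP_URL_QUERY) ?? '', $params);
        $raw = $params['search'] ?? '';
        if (is_array($raw)) {            // ?search[]=... arrives as an array
            $raw = implode(' ', $raw);
        }
        $term = normaliseTerm((string) $raw);
        foreach (XSS_PATTERNS as $name => $re) {
            if (preg_match($re, $term)) {
                $hits[] = ['ip' => $req['ip'], 'time' => $req['time'], 'status' => $req['status'],
                           'indicator' => $name, 'term' => $term];
                break;
            }
        }
    }
    return $hits;
}

// Count probes per source IP; repeated hits from one address in a short
// window are the "multiple rapid requests" indicator.
function probesPerIp(array $hits): array
{
    $counts = [];
    foreach ($hits as $h) {
        $counts[$h['ip']] = ($counts[$h['ip']] ?? 0) + 1;
    }
    arsort($counts);
    return $counts;
}

// Constructed sample: one benign search, a plain encoded <script> probe,
// a double-encoded <img onerror> probe, and an unrelated request.
$sampleLog = [
    '203.0.113.7 - - [10/Jan/2025:10:00:01 +0000] "GET /pizza/search.php?search=margherita HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Jan/2025:10:00:09 +0000] "GET /pizza/search.php?search=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5200 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2025:10:01:15 +0000] "GET /pizza/search.php?search=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 5200 "-" "curl/8.0"',
    '198.51.100.4 - - [10/Jan/2025:10:01:20 +0000] "GET /pizza/index.php HTTP/1.1" 200 4000 "-" "curl/8.0"',
];

$hits = findXssProbes($sampleLog);
foreach ($hits as $h) {
    printf("%s %s status=%s [%s] %s\n", $h['time'], $h['ip'], $h['status'], $h['indicator'], $h['term']);
}
foreach (probesPerIp($hits) as $ip => $n) {
    printf("%s: %d probe(s)\n", $ip, $n);
}
```

Run it as php scan.php (or feed real lines with file('access.log')). On the constructed sample it reports the two probes and nothing for the benign search or the index.php request. A 200 status on a probe line only shows the request was served, not that the payload executed; confirm the page itself with the check under How to Verify.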

🔗 References