CVE-2025-12299

4.3 MEDIUM

📋 TL;DR

This vulnerability allows an attacker who can submit product data to store malicious scripts in the Simple Food Ordering System 1.0 through the /addproduct.php endpoint. When other users, including administrators, view pages that render the affected product data, these scripts execute in their browsers, potentially stealing session cookies or redirecting them to malicious sites. Any organization running this specific version of the software is affected.

💻 Affected Systems

Products:
  • code-projects Simple Food Ordering System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /addproduct.php file specifically, via the pname, category, and price parameters.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal administrator session cookies, gain full system control, deface websites, or redirect users to phishing/malware sites.

🟠

Likely Case

Session hijacking of regular users, credential theft, or website defacement through stored XSS payloads.

🟢

If Mitigated

Minimal impact with proper input validation and output encoding in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available on GitHub and vuldb.com. The attack requires the ability to submit product data through /addproduct.php, which implies an authenticated account on the application; the payload is then stored and served to anyone who views the product data.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

1. Check the vendor website for updates.
2. Apply any available patches.
3. Validate input sanitization in /addproduct.php.

🔧 Temporary Workarounds

Input Validation and Output Encoding

Platform: all

Implement server-side validation of the pname, category, and price parameters (reject a non-numeric price, restrict category to the known set, bound the length of pname) and HTML-encode every value wherever it is rendered into a page. Validation alone is not the fix: product names legitimately contain characters such as & and ', so context-appropriate output encoding (HTML body, attribute value) is what actually prevents script execution.

WAF Rule Implementation

Platform: all

Deploy web application firewall rules to block XSS payloads in the product parameters. Treat this as a stopgap: signature rules are routinely bypassed with alternate encodings, event-handler attributes and case variation, so they do not substitute for fixing the code.
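The following Python is an added example of the validation-plus-encoding pattern described above; it is not code from the Simple Food Ordering System, whose PHP source is not reproduced here. The field names pname, category and price come from the advisory; the allowed category list, the price format and the length limit are assumptions chosen for the demonstration.

```python
"""Server-side validation and output encoding for the product fields.

Added example, not the vendor's code. Field names come from the advisory;
ALLOWED_CATEGORIES, MAX_PNAME_LEN and PRICE_RE are assumptions.
"""
import html
import re
from decimal import Decimal, InvalidOperation

# Assumed whitelist: the real application's categories are not known.
ALLOWED_CATEGORIES = {"Burger", "Pizza", "Drinks", "Dessert"}
MAX_PNAME_LEN = 64
PRICE_RE = re.compile(r"^\d{1,6}(\.\d{1,2})?$")


class ValidationError(ValueError):
    pass


def validate_product(pname: str, category: str, price: str) -> dict:
    """Validate untrusted form input; return normalised values or raise.

    Validation narrows the attack surface (price must be a number, category
    must be a known value) but deliberately allows characters such as & and '
    in pname, because legitimate product names contain them. Rendering those
    characters safely is the job of encode_for_html(), not of this function.
    """
    pname = pname.strip()
    if not 1 <= len(pname) <= MAX_PNAME_LEN:
        raise ValidationError("pname length out of range")
    if any(ord(c) < 32 for c in pname):
        raise ValidationError("pname contains control characters")
    if category not in ALLOWED_CATEGORIES:
        raise ValidationError("unknown category")
    price = price.strip()
    if not PRICE_RE.match(price):
        raise ValidationError("price is not a decimal number")
    try:
        price_val = Decimal(price)
    except InvalidOperation:
        raise ValidationError("price is not a decimal number")
    return {"pname": pname, "category": category, "price": price_val}


def is_valid(pname: str, category: str, price: str) -> bool:
    """Convenience wrapper: True if validate_product() accepts the input."""
    try:
        validate_product(pname, category, price)
        return True
    except ValidationError:
        return False


def encode_for_html(value: str) -> str:
    """Encode for an HTML text node or a double-quoted attribute value.

    html.escape(quote=True) also encodes ' and ", so the result is safe in
    both contexts. It is NOT safe inside <script> or an event-handler
    attribute; a template should never place user data there at all.
    """
    return html.escape(value, quote=True)


def render_product_row(product: dict) -> str:
    """Render one product as a listing page would, encoding every field."""
    return (
        '<tr data-name="{name}"><td>{name}</td><td>{cat}</td><td>{price}</td></tr>'
    ).format(
        name=encode_for_html(product["pname"]),
        cat=encode_for_html(product["category"]),
        price=encode_for_html(str(product["price"])),
    )


def handle_addproduct(form: dict) -> str:
    """Validate, then render: a stored XSS payload comes back inert."""
    product = validate_product(
        form.get("pname", ""), form.get("category", ""), form.get("price", "")
    )
    return render_product_row(product)
```

The point of the split is that `validate_product()` rejects what is clearly malformed (a price of `<script>`, an unknown category) while `encode_for_html()` neutralises whatever remains at the moment it is written into HTML, including the `"` that would otherwise break out of the `data-name` attribute.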

🧯 If You Can't Patch

  • Disable or restrict access to the /addproduct.php endpoint (for example, limit it to trusted administrator addresses, or remove it entirely while products are not being managed)
  • Implement Content Security Policy (CSP) headers to restrict script execution; the policy must not allow 'unsafe-inline' for script-src, or injected inline scripts still run, and CSP does nothing against non-script defacement of the rendered product data

🔍 How to Verify

Check if Vulnerable:

Submit a harmless, unique marker (for example a random token followed by < and ") in the pname, category, or price parameters of /addproduct.php, then view the pages that render product data. If the marker appears in the HTML source with those characters intact, the application is vulnerable; a correct fix shows them as &lt; and &quot;. Test only systems you are authorized to assess, and delete the test product afterwards.

Check Version:

Check software documentation or configuration files for version information.

Verify Fix Applied:

Verify that a marker submitted via the product parameters is HTML-encoded (or rejected) everywhere it is rendered, and that it does not execute in the browser.

📡 Detection & Monitoring

Log Indicators:

  • Unusual product names containing script tags or JavaScript in access logs
  • Multiple failed product addition attempts with suspicious parameters

Network Indicators:

  • HTTP requests to /addproduct.php with script tags or encoded payloads in parameters

SIEM Query:

The following is a schema-neutral pseudo-query; map uri, param and value onto your own log fields. Two caveats apply. Standard access logs record only the request line, so if /addproduct.php is submitted by POST the parameters never reach the log unless request-body logging is enabled, and a POST to /addproduct.php is then only an activity signal to correlate with application logs. Payloads are also usually percent-encoded (%3Cscript%3E) or case-varied, so decode and match case-insensitively rather than on the literal strings below.

source="web_logs" AND uri="/addproduct.php" AND (param="pname" OR param="category" OR param="price") AND (value="<script>" OR value="javascript:")
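As an added example of the detection logic (not part of the advisory), the Python below runs the equivalent of the query above over combined-format access log lines, decoding repeated percent-encoding and handling the POST case the query cannot see. The log lines are constructed for the demonstration; the parameter names come from the advisory, and the regexes are a starting point rather than a complete XSS signature set.

```python
"""Flag suspicious requests to /addproduct.php in combined-format access logs.

Added example, not from the advisory. SAMPLE_LOG is constructed; the
pattern list is illustrative and will produce some false positives.
"""
import re
from typing import Optional
from urllib.parse import parse_qs, unquote, urlsplit

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
WATCHED_PARAMS = ("pname", "category", "price")
XSS_PATTERNS = [re.compile(p, re.I) for p in (
    r"<\s*script",
    r"javascript\s*:",
    r"<\s*(img|svg|iframe|body|details)\b",
    r"\bon[a-z]+\s*=",          # onerror=, onload=, ... (noisy on its own)
    r"<\s*/?\s*[a-z]+[^>]*>",   # any complete tag: product names need none
)]

# Constructed sample: two payloads (one double-encoded), one benign name
# with an ampersand, one POST whose body is invisible, one unrelated page.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2025:13:55:36 +0000] "GET /addproduct.php?pname=%3Cscript%3Ealert(1)%3C/script%3E&category=Burger&price=5 HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Oct/2025:13:56:01 +0000] "GET /addproduct.php?pname=Fish+%26+Chips&category=Burger&price=9.50 HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Oct/2025:13:57:10 +0000] "GET /addproduct.php?category=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Oct/2025:13:58:00 +0000] "POST /addproduct.php HTTP/1.1" 302 0',
    '192.0.2.9 - - [10/Oct/2025:13:59:00 +0000] "GET /index.php HTTP/1.1" 200 2048',
]


def decode_fully(value: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding so %253C and %3C both become <."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_line(line: str) -> Optional[dict]:
    """Return a finding for a suspicious /addproduct.php request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if url.path != "/addproduct.php":
        return None
    finding = {"ip": m["ip"], "ts": m["ts"], "method": m["method"],
               "hits": [], "note": ""}
    if m["method"] == "POST" and not url.query:
        finding["note"] = ("POST body not logged; enable request-body logging "
                           "or correlate with application logs")
    # parse_qs already decodes one layer; decode_fully catches the rest.
    for name, values in parse_qs(url.query, keep_blank_values=True).items():
        if name not in WATCHED_PARAMS:
            continue
        for v in values:
            v = decode_fully(v)
            if any(p.search(v) for p in XSS_PATTERNS):
                finding["hits"].append((name, v))
    return finding if finding["hits"] or finding["note"] else None


def scan(lines) -> list:
    """Run inspect_line over an iterable of log lines, keeping findings only."""
    return [f for f in (inspect_line(line) for line in lines) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Running it over `SAMPLE_LOG` yields three findings: the plain `<script>` payload, the double-encoded `<img onerror>` payload that a literal `<script>` match would miss, and the POST whose parameters the access log never recorded; "Fish & Chips" and the unrelated request are ignored.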

🔗 References
