NEXTGUARD
UNKNOWNCVE-2026-5647

code-projects Online Shoe Store Add Product admin_feature.php cross site scripting

Platform

php

Component

online-shoe-store

View on NVD

A vulnerability was detected in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/admin_feature.php of the component Add Product Page. The manipulation of the argument product_name results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used.

How to fix

Actualice el plugin Online Shoe Store a la última versión disponible para mitigar la vulnerabilidad de XSS.  Verifique y sanee todas las entradas de usuario, especialmente el campo 'product_name', para prevenir la inyección de código malicioso. Implemente medidas de seguridad adicionales, como la codificación de salida, para proteger contra ataques XSS.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free
CVE-2026-5647 — Vulnerability Details | NextGuard | NextGuard