Vulnerability Description
A vulnerability, which was classified as problematic, was found in code-projects Food Distributor Site 1.0. Affected is an unknown function of the file /admin/save_settings.php. The manipulation of the argument site_phone/site_email/address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fabian | Food Distributor Site | 1.0 |
Related Weaknesses (CWE)
References
- https://code-projects.org/Product
- https://github.com/fubxx/CVE/blob/main/Food%20Distributor%20system%20XSS%202.mdExploitThird Party Advisory
- https://github.com/fubxx/CVE/blob/main/Food%20Distributor%20system%20XSS%203.mdExploitThird Party Advisory
- https://vuldb.com/?ctiid.314094Permissions RequiredVDB Entry
- https://vuldb.com/?id.314094Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.602600Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.602601Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.602602Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-6778?
CVE-2025-6778 is a vulnerability with a CVSS score of 2.4 (LOW). A vulnerability, which was classified as problematic, was found in code-projects Food Distributor Site 1.0. Affected is an unknown function of the file /admin/save_settings.php. The manipulation of th...
How severe is CVE-2025-6778?
CVE-2025-6778 has been rated LOW with a CVSS base score of 2.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-6778?
Check the references section above for vendor advisories and patch information. Affected products include: Fabian Food Distributor Site.