CVE Catalog

CVE-2026-13571

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability has been found in SourceCodester Simple Food Ordering System 1.0 in the file /cart.php. Manipulation of the item_price argument can lead to business logic errors. The attack can be performed remotely and the exploit has been published.

Risk Assessment

The organization is at risk of order price manipulation, which may result in financial losses and compromise the integrity of the ordering process.

Recommendation

Immediately update the system to the latest version or apply a security patch that validates the item_price argument in the /cart.php file.

Original NVD description (English source)

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument item_price can lead to business logic errors. The attack may be performed from remote. The exploit has been published and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS