Vulnerability Key Information Summary 1. Vulnerability Overview Vulnerability Name: code-projects Online Food Ordering System 1.0 Order /form/order.php cust_id cross-site scripting CVE ID: CVE-2026-5157 Vulnerability Type: Cross-Site Scripting (XSS) CVSS Score: 4.3 (CVSS v3) Vulnerability Description: A critical vulnerability was discovered in the component of . Attackers can exploit the parameter within the file to execute cross-site scripting attacks. This vulnerability allows for remote exploitation, and public Proof-of-Concept (PoC) code is available. 2. Scope of Impact Vendor: code-projects Product Name: Online Food Ordering System Affected Versions: 1.0 Affected Components/Files: The file under the component. 3. Remediation Known Mitigations: The page explicitly states that there is no information available regarding possible countermeasures at this time. Recommended Actions: It is recommended to replace the affected object or use an alternative product. 4. POC/Exploit Code The screenshot does not directly contain specific PoC or exploit code blocks. The page indicates that the exploit code can be downloaded from , providing the download ID .