XSS in code-projects Online Shoe Store 1.0 /admin/admin_running.php (CVE-2026-5834)

Vulnerability Summary 1. Vulnerability Overview Vulnerability Name: code-projects Online Shoe Store 1.0 /admin/admin_running.php product_name cross-site scripting CVE ID: CVE-2026-5834 Vulnerability Type: Cross-Site Scripting (XSS) Detailed Description: This vulnerability exists in the application within the file. Attackers can inject malicious scripts by manipulating the parameter. The vulnerability is flagged as and falls under the CWE-79 category. Successful authentication is required to exploit this vulnerability, though the exploitation difficulty is rated as . 2. Scope of Impact Software Name: Online Shoe Store Affected Versions: 1.0 Vendor: code-projects Software Type: Project Management Software 3. Remediation Vendor Recommendation: No known mitigations are currently available. Recommended Action: It is advised to replace the affected component with an alternative product. Exploitation Prerequisites: Attackers must possess valid authentication credentials to exploit this vulnerability. 4. POC / Exploitation Code The page does not contain a specific POC code block directly, but provides the following exploitation-related information: POC Availability: Proof-of-Concept (PoC) code can be downloaded from GitHub. Google Hacking Search Query**: The following search query can be used to identify vulnerable targets:

Goal Reached Thanks to every supporter — we hit 100%!

XSS in code-projects Online Shoe Store 1.0 /admin/admin_running.php (CVE-2026-5834)