CVE-2026-13571 MEDIUM

CVE-2026-13571: SourceCodester Simple Food Ordering System cart.php logic error

Vendor Sourcecodester

Product Simple Food Ordering System

Weakness CWE-840

Published June 29, 2026

Last update June 29, 2026

View on NVD All CVEs

CVSS base score

6.9/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument item_price can lead to business logic errors. The attack may be performed from remote. The exploit has been published and may be used.

Key dates

02Disclosure timeline

June 29, 2026 CVE published

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-13571 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/840.html

Related vulnerabilities

CVE-2026-13571: SourceCodester Simple Food Ordering System cart.php logic error

01Description

02Disclosure timeline

03References

04Related CVE