CVE-2026-13571 PUBLISHED

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument item_price can lead to business logic errors. The attack may be performed from remote. The exploit has been published and may be used.

• VDB-374579 | SourceCodester Simple Food Ordering System cart.php logic error
• VDB-374579 | CTI Indicators (IOB, IOC, IOA)
• CVE-2026-13571 | CVE Analysis and Report
• Submit #844355 | SourceCodester Simple Food Ordering System 1.0 Business Logic Errors
• https://github.com/ogh-bnz/Simple-Food-Ordering-System/blob/main/Simple-Food-Ordering-System-Price-Manipulation.md
• https://www.sourcecodester.com/

• Business Logic Errors CWE