Lucene search
K

62 matches found

OSV
OSV
added 2023/01/27 9:15 p.m.6 views

CVE-2023-0555

The Quick Restaurant Menu plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke those...

5.4CVSS6.2AI score0.00602EPSS
Exploits1References3
Prion
Prion
added 2023/01/27 9:15 p.m.21 views

Authorization

The Quick Restaurant Menu plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke those...

5.5CVSS5.3AI score0.00602EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/27 12:0 a.m.10 views

PT-2023-16359 · WordPress · Quick Restaurant Menu

Name of the Vulnerable Software and Affected Versions: The Quick Restaurant Menu plugin for WordPress versions up to, and including, 2.0.2 Description: The issue allows authenticated attackers with subscriber-level permissions and above to bypass authorization and invoke actions intended for...

7.6CVSS5.5AI score0.00602EPSS
Exploits1References5
NVD
NVD
added 2022/06/23 5:15 p.m.12 views

CVE-2021-40956

LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained...

7.5CVSS0.01033EPSS
Exploits1References1
OSV
OSV
added 2022/06/23 5:15 p.m.2 views

CVE-2021-40956

LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained...

7.5CVSS5.8AI score0.01033EPSS
Exploits1References1
Prion
Prion
added 2022/06/23 5:15 p.m.11 views

Sql injection

LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained...

5CVSS8AI score0.01033EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/23 9:31 a.m.24 views

CVE-2021-40956

LaiKetui v3.5.0 has SQL injection in the background through the menu management function, and sensitive data can be obtained...

8.2AI score0.01033EPSS
Exploits1References1
CVE
CVE
added 2022/06/23 9:31 a.m.65 views

CVE-2021-40956

CVE-2021-40956 affects LaiKetui v3.5.0, with SQL injection via the menu management function in the background that can expose sensitive data. This corresponds to multiple sources confirming SQL injection in LaikeTui v3.5.0. No explicit exploitation details or patched version are provided in the c...

7.5CVSS7.9AI score0.01033EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/06/23 12:0 a.m.9 views

LaikeTui SQL注入漏洞

LaikeTui Laike e-commerce is a stable and small open source mall system for individual developers. A security vulnerability exists in LaikeTui v3.5.0. Attackers use this vulnerability through the menu management function in the background of the SQL injection attack , in order to obtain sensitive...

7.5CVSS7.5AI score0.01033EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/06/14 12:0 a.m.5 views

Fast Food Ordering System SQL注入漏洞

Fast Food Ordering System is a fast food ordering system from Carlo Montero's personal developer. version 1.0 of Fast Food Ordering System is vulnerable to SQL injection, which originates from /ffos/admin/menus/managemenu.php?id= The page lacks validation for external input SQL statements, which...

7.2CVSS5.9AI score0.00909EPSS
Exploits1References2
CNVD
CNVD
added 2021/09/02 12:0 a.m.16 views

WTCMS Cross-Site Scripting Vulnerability (CNVD-2021-69271)

WTCMS is a content management system CMS based on ThinkPHP.A cross-site scripting vulnerability exists in the link fields under the menu management module of the WTCMS backend. No detailed vulnerability details are provided at this time...

5.4CVSS1.6AI score0.00531EPSS
Exploits1References1
OSV
OSV
added 2021/09/01 10:15 p.m.2 views

CVE-2020-20348

WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link field under the background menu management module...

5.4CVSS5.7AI score0.00531EPSS
Exploits1References1
Prion
Prion
added 2021/09/01 10:15 p.m.13 views

Cross site scripting

WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link field under the background menu management module...

3.5CVSS5.2AI score0.00531EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/09/01 9:25 p.m.15 views

CVE-2020-20348

WTCMS 1.0 contains a stored cross-site scripting XSS vulnerability in the link field under the background menu management module...

5.3AI score0.00531EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.7 views

WTCMS 跨站脚本漏洞

WTCMS is a content management system CMS based on ThinkPHP.A cross-site scripting vulnerability exists in the link fields under the menu management module of the WTCMS backend. No detailed vulnerability details are provided at this time...

5.4CVSS5.1AI score0.00531EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/26 12:0 a.m.7 views

spring-boot-admin 跨站脚本漏洞

spring-boot-admin is an open source backend management system based on Spring boot Mybatis , with user management , menu management and role management 3 functions , permission control to the button level . spring-boot-admin There is a security vulnerability that can be exploited by attackers to...

5.4CVSS6.2AI score0.00475EPSS
Exploits1References2
0day.today
0day.today
added 2018/04/17 12:0 a.m.169 views

Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elevation Exploit

Exploit for windows platform in category local exploits include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif static PVOIDfastcall...

7.2CVSS0.2AI score0.10034EPSS
Exploits4
exploitpack
exploitpack
added 2018/03/26 12:0 a.m.12 views

Microsoft Windows Manager (7 x86) - Menu Management Component UAF Privilege Elevation

Microsoft Windows Manager 7 x86 - Menu Management Component UAF Privilege Elevation...

3.5AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Acuity CMS 2.7.1 - SQL Injection Vulnerability

No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/24 12:0 a.m.73 views

XDcms Sql Injection 55-63

简要描述: Sql Injection 详细说明: 注入在XDCMS企业管理系统后台的菜单管理处,\system\modules\xdcms\menu.php文件: 用户在添加或者管理菜单时会调用addsave和editsave函数,9个注入点就出现在这两个函数里 addsave函数: public function addsave $title=$POST'title';//注入点1 $sort=intval$POST'sort'; $isshow=$POST'isshow';//注入点2 $groupid=$POST'groupid';//注入点3...

7.1AI score
Exploits0
Rows per page
Query Builder