Code-Projects Online Restaurant Management System 注入漏洞

Code-Projects Online Restaurant Management System is a Code-Projects open source online restaurant management system. Code-Projects Online Restaurant Management System version 1.0 suffers from an injection vulnerability that originates from improper handling of the parameter menu in the...

RuoYi 安全漏洞

RuoYi is a backend management system by the individual developer of RuoYi in China. A security vulnerability exists in RuoYi version v.4.8.0, which stems from the add method not properly verifying the requested user's permissions, which may result in the addition of a menu item...

Online Restaurant Management System SQL注入漏洞

Online Restaurant Management System is a Code-projects open source online restaurant management system . Online Restaurant Management System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the /admin/menusave.php file improper handling of the parameter menu, which may...

CVE-2025-28409

The CVE-2025-28409 entry concerns RUoYi v4.8.0 where the add/{parentId} endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId, enabling privilege escalation. Affected software is RUoYi v4.8.0; the underlying issue is insuffi...

CVE-2025-3323

A vulnerability classified as critical was found in godcheese/code-projects Nimrod 0.8. Affected by this vulnerability is the function searchAllByName of the file ViewMenuCategoryRestController.java. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely...

CVE-2025-3157

A vulnerability was found in Intelbras WRN 150 1.0.15ptITB01. It has been rated as problematic. This issue affects some unknown processing of the component Wireless Menu. The manipulation of the argument SSID leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...

CVE-2025-31525

Missing Authorization vulnerability in WP Messiah WP Mobile Bottom Menu mobile-bottom-menu-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mobile Bottom Menu: from n/a through = 1.4.0...

CVE-2025-3157 Intelbras WRN 150 Wireless Menu cross site scripting

A vulnerability was found in Intelbras WRN 150 1.0.15ptITB01. It has been rated as problematic. This issue affects some unknown processing of the component Wireless Menu. The manipulation of the argument SSID leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...

CVE-2025-3157 Intelbras WRN 150 Wireless Menu cross site scripting

A vulnerability was found in Intelbras WRN 150 1.0.15ptITB01. It has been rated as problematic. This issue affects some unknown processing of the component Wireless Menu. The manipulation of the argument SSID leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...

CVE-2025-3157

CVE-2025-3157 affects Intelbras WRN 150 firmware version 1.0.15_pt_ITB01, specifically the Wireless Menu component. The root cause is improper handling/manipulation of the SSID argument, which enables cross-site scripting (XSS). The vulnerability can be exploited remotely, and public disclosures ...

Intelbras WRN 150 代码注入漏洞

The Intelbras WRN 150 is a wireless router from Intelbras Brazil. A code injection vulnerability exists in the Intelbras WRN 150 version 1.0.15ptITB01, which stems from the fact that incorrect manipulation of the parameter SSID by the wireless menu component can lead to cross-site scripting attac...

PT-2025-14722 · Intelbras · Intelbras Wrn 150

Name of the Vulnerable Software and Affected Versions: Intelbras WRN 150 version 1.0.15 pt ITB01 Description: A issue was found in the Wireless Menu component, where the manipulation of the SSID argument leads to cross-site scripting. This can be initiated remotely. The vendor has stated that the...

CVE-2025-31525

Missing Authorization vulnerability in WP Messiah WP Mobile Bottom Menu mobile-bottom-menu-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mobile Bottom Menu: from n/a through = 1.4.0...

CVE-2025-31525 WordPress WP Mobile Bottom Menu plugin <= 1.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Messiah WP Mobile Bottom Menu mobile-bottom-menu-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mobile Bottom Menu: from n/a through = 1.4.0...

CVE-2025-31525 WordPress WP Mobile Bottom Menu plugin <= 1.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Messiah WP Mobile Bottom Menu mobile-bottom-menu-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mobile Bottom Menu: from n/a through = 1.4.0...

CVE-2025-31525

Technical details for CVE-2025-31525 are not provided in the supplied connected documents. The Initial Description notes a Missing Authorization issue in WP Mobile Bottom Menu; monitor vendor advisories and patch availability for updates.

PT-2025-14417 · WordPress · Wp Mobile Bottom Menu

Name of the Vulnerable Software and Affected Versions: WP Mobile Bottom Menu versions 1.2.9 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For WP Mobile Bottom...

WordPress WP Mobile Bottom Menu plugin <= 1.4.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Mobile Bottom Menu versions = 1.4.0...

CVE-2024-58128

In MISP before 2.4.193, menucustomrightlink parameters can be set via the UI i.e., without using the CLI and thus attackers with admin privileges can conduct XSS attacks via a global menu link...

CVE-2025-30912

Cross-Site Request Forgery CSRF vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery.This issue affects Float menu: from n/a through = 6.1.2...