CVE-2024-24134

Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting XSS via the 'Menu Name' and 'Description' fields in the Update Menu section...

Sourcecodester Online Food Menu Security Vulnerability

Online Food Menu is an online food menu for rems individual developers. A security vulnerability exists in Sourcecodester Online Food Menu version 1.0, which results from a cross-site scripting XSS attack on the Menu Name and Description fields in the Update Menu section...

CVE-2024-24134

The CVE-2024-24134 entry pertains to Sourcecodester Online Food Menu 1.0, vulnerable to Cross Site Scripting (XSS) via the Update Menu fields “Menu Name” and “Description.” The issue is caused by unsanitized input in these fields, enabling script injection. Connected sources corroborate the XSS r...

PT-2024-20287 · Unknown · Sourcecodester Online Food Menu

Name of the Vulnerable Software and Affected Versions: Sourcecodester Online Food Menu version 1.0 Description: The issue concerns Cross Site Scripting XSS via the Menu Name and Description fields in the Update Menu section. This allows for potential malicious script injection. Recommendations: F...

WordPress plugin WP SOCIAL BOOKMARK MENU security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2024-24134

Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting XSS via the 'Menu Name' and 'Description' fields in the Update Menu section...

CVE-2023-6066

The WP Custom Widget area WordPress plugin through 1.2.5 does not properly apply capability and nonce checks on any of its AJAX action callback functions, which could allow attackers with subscriber+ privilege to create, delete or modify menus on the site...

Cross site scripting

The WP Custom Widget area WordPress plugin through 1.2.5 does not properly apply capability and nonce checks on any of its AJAX action callback functions, which could allow attackers with subscriber+ privilege to create, delete or modify menus on the site...

CVE-2023-6066 WP Custom Widget Area <= 1.2.5 - Subscriber+ Menus Creation/Deletion/Update

The WP Custom Widget area WordPress plugin through 1.2.5 does not properly apply capability and nonce checks on any of its AJAX action callback functions, which could allow attackers with subscriber+ privilege to create, delete or modify menus on the site...

WordPress Plugin WP Custom Widget area security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-0505

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload. The exploit has bee...

CVE-2024-0505

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload. The exploit has bee...

Design/Logic Flaw

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload. The exploit has bee...

CVE-2024-0505 ZhongFuCheng3y Austin Upload Material Menu MaterialController.java getFile unrestricted upload

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload. The exploit has bee...

CVE-2024-0505

ZhongFuCheng3y Austin 1.0 is affected by a flaw in the getFile function of MaterialController.java (Upload Material Menu). The defect enables unrestricted file upload, as described across multiple sources, with exploit publicly disclosed. Affected component is the Upload Material Menu, file path ...

Austin security breach

Austin is a message push platform. A security vulnerability exists in ZhongFuCheng3y Austin version 1.0, which originates from a security issue in the getFile function in the com/java3y/austin/web/controller/MaterialController.java in the component Upload Material Menu. function in the component...

PT-2024-15622 · Unknown · Zhongfucheng3Y Austin

Name of the Vulnerable Software and Affected Versions: ZhongFuCheng3y Austin version 1.0 Description: A critical issue affects the getFile function of the MaterialController.java file in the Upload Material Menu component, leading to unrestricted upload. The exploit has been disclosed to the publ...

Exploit for Cross-site Scripting in Remyandrade Online_Food_Menu

CVE-2024-24134 : Online Food Menu - Cross-Site...

Exploit for Cross-site Scripting in Redhat Keycloak

Badges !MIT Licensehttps://img.shields.io/badge/Licens...

PHPJabbers Cinema Booking System 1.0 Cross Site Scripting

Exploit Title: PHPJabbers Cinema Booking System v1.0 - Reflected Cross-Site Scripting Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cinema-booking-system/sectionDemo Version: v1.0...