3941 matches found
PT-2025-44540
Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting XSS via the Menu System of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
PT-2025-44536
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R2.6 Description Nagios XI is susceptible to cross-site scripting XSS through the Tools Menu of its web interface. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and...
CVE-2025-12315
A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...
CVE-2025-12315
A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...
CVE-2025-12315
A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...
CVE-2025-12315 code-projects Food Ordering System menu.php sql injection
A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...
CVE-2025-12315 code-projects Food Ordering System menu.php sql injection
A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...
EUVD-2025-36351
A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may ...
CVE-2025-12315
CVE-2025-12315 affects code-projects Food Ordering System 1.0. The vulnerability resides in the code path involving /admin/menu.php and specifically the manipulation of the itemPrice parameter, which can lead to SQL injection. It is exploitable remotely over the network, with exploitation publicl...
PT-2025-44033
Name of the Vulnerable Software and Affected Versions code-projects Food Ordering System version 1.0 Description A flaw exists in code-projects Food Ordering System 1.0 that allows for SQL injection. The issue is located in the file '/admin/menu.php'. Manipulation of the itemPrice argument can...
Food Ordering System SQL注入漏洞
Food Ordering System is a food ordering system by Siddhesh Personal Developer. A SQL injection vulnerability exists in Food Ordering System version 1.0, which stems from an incorrect manipulation of the parameter itemPrice in the file /admin/menu.php, which could lead to a SQL injection attack...
CVE-2025-53238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through = 1.0.8...
EUVD-2025-35468
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through = 1.0.7...
CVE-2025-53238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through = 1.0.8...
CVE-2025-53238 WordPress Toast Mobile Menu plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through = 1.0.8...
CVE-2025-53238 WordPress Toast Mobile Menu plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through = 1.0.8...
CVE-2025-53238
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Toast Mobile Menu toast-responsive-menu allows Stored XSS.This issue affects Toast Mobile Menu: from n/a through = 1.0.8...
CVE-2025-53238
Summary: CVE-2025-53238 is a Stored XSS vulnerability in the WordPress plugin Toast Mobile Menu (toast-responsive-menu). The issue arises from improper input neutralization during web page generation, enabling stored scripts. Affected versions are reported as Toast Mobile Menu:
PT-2025-43254
Name of the Vulnerable Software and Affected Versions Toast Mobile Menu versions through 1.0.7 Description The Toast Mobile Menu plugin contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts...
WordPress plugin Toast Mobile Menu 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scripting...