Lucene search
K

1713 matches found

NVD
NVD
added 4 days ago5 views

CVE-2026-14622

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS0.00517EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago39 views

CVE-2026-14622 jairiidriss restaurant-website-php-mysql AJAX Endpoint ajax_files missing authentication

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS0.00517EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-41661

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-14622

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References6
CVE
CVE
added 4 days ago14 views

CVE-2026-14622

CVE-2026-14622 affects the restaurant-website-php-mysql project (up to commit 521428b5b612449df0cf4a5d15ee40cba67f3d35). The vulnerability is in the /admin/ajax_files component of the AJAX Endpoint, whereby input manipulation leads to missing authentication. It is exploitable remotely, with a pub...

7.5CVSS6.6AI score0.00517EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-55689

Name of the Vulnerable Software and Affected Versions jairiidriss restaurant-website-php-mysql versions up to 521428b5b612449df0cf4a5d15ee40cba67f3d35 Description A missing authentication flaw exists in the AJAX Endpoint component. A remote attacker can manipulate the '/admin/ajax files' endpoint...

7.5CVSS7.1AI score0.00517EPSS
Exploits0References9
NVD
NVD
added 2026/06/28 1:16 p.m.7 views

CVE-2026-13498

A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/28 1:15 p.m.8 views

EUVD-2026-39997

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS4.4AI score0.00278EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 1:15 p.m.26 views

CVE-2026-13499 yashpokharna2555 restaurent-management-system Registration login_register.php cross site scripting

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS0.00278EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 1:15 p.m.15 views

CVE-2026-13499

CVE-2026-13499 concerns a cross-site scripting flaw in the yashpokharna2555 restaurent-management-system, affecting the Registration Handler’s login_register.php. Manipulating the Username argument enables an XSS condition, with remote initiation possible. The exploit has been publicly released; ...

5.3CVSS4.4AI score0.00278EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/28 1:15 p.m.8 views

CVE-2026-13499

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS4.4AI score0.00278EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/28 1:0 p.m.32 views

CVE-2026-13498 yashpokharna2555 restaurent-management-system POST Parameter forgotpassword.php sql injection

A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS0.00269EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 1:0 p.m.19 views

CVE-2026-13498

The CVE concerns yashpokharna2555 restaurant-management-system. It identifies a vulnerability in an unknown function within /forgotpassword.php (POST Parameter Handler) where manipulating the email parameter leads to SQL injection. The issue can be exploited remotely and publicly available exploi...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53110

Name of the Vulnerable Software and Affected Versions yashpokharna2555 restaurent-management-system affected versions not specified Description A security flaw exists in the Registration Handler component within the login register.php file. A remote attacker can perform cross-site scripting XSS—a...

5.3CVSS5.7AI score0.00278EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/26 3:32 p.m.8 views

EUVD-2025-210352

Subscriber Broken Access Control in Restaurant Menu by MotoPress = 2.4.11 versions...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-57644

Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...

8.5CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2025-63078

Subscriber Broken Access Control in Restaurant Menu by MotoPress = 2.4.11 versions...

4.3CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:53 p.m.30 views

CVE-2026-57644 WordPress Restaurant Menu by MotoPress plugin <= 2.4.10 - SQL Injection vulnerability

Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...

8.5CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:53 p.m.9 views

CVE-2026-57644

CVE-2026-57644 describes a SQL Injection in the WordPress plugin “Restaurant Menu by MotoPress” for versions

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:53 p.m.6 views

EUVD-2026-39759

Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...

8.5CVSS5.8AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder