Lucene search
K

17 matches found

CNNVD
CNNVD
added 2025/11/30 12:0 a.m.4 views

Ecommerce-Website 代码注入漏洞

Ecommerce-Website is a full-fledged e-commerce website by Winston Dsouza Individual Developer with an admin panel built using PHP and MySql. A code injection vulnerability exists in Ecommerce-Website, which stems from the incorrect operation of the parameter Error in the file...

5.3CVSS5AI score0.0027EPSS
Exploits0References5
OSV
OSV
added 2025/10/27 8:15 p.m.4 views

CVE-2025-12315

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...

9.8CVSS5.8AI score0.00376EPSS
Exploits1References5
NVD
NVD
added 2025/10/27 8:15 p.m.8 views

CVE-2025-12315

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...

9.8CVSS0.00376EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/27 8:2 p.m.2 views

CVE-2025-12315 code-projects Food Ordering System menu.php sql injection

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...

5.8CVSS5.1AI score0.00376EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/10/27 8:2 p.m.12 views

CVE-2025-12315 code-projects Food Ordering System menu.php sql injection

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing a manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and ma...

5.8CVSS0.00376EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.10 views

PT-2025-44033

Name of the Vulnerable Software and Affected Versions code-projects Food Ordering System version 1.0 Description A flaw exists in code-projects Food Ordering System 1.0 that allows for SQL injection. The issue is located in the file '/admin/menu.php'. Manipulation of the itemPrice argument can...

9.8CVSS5.2AI score0.00376EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.4 views

PT-2025-32963 · WordPress · Easy Restaurant Menu Manager

Name of the Vulnerable Software and Affected Versions: Easy restaurant menu manager plugin for WordPress versions prior to 2.0.3 Description: The plugin is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation in the nsc eprm save menu function. This allows...

4.3CVSS6.3AI score0.00151EPSS
Exploits0References8
OSV
OSV
added 2025/03/27 2:15 p.m.4 views

CVE-2025-2852

A vulnerability has been found in SourceCodester Food Ordering Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/menus/viewmenu.php. The manipulation of the argument ID leads to sql injection. The attack can be...

5.1CVSS5.7AI score0.00376EPSS
Exploits1References5
OSV
OSV
added 2024/07/31 12:15 a.m.3 views

CVE-2024-7277

A vulnerability was found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/menu.php of the component Add a Menu. The manipulation of the argument image leads to unrestricted upload. The attack may be...

7.2CVSS5.5AI score0.00541EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/04/01 12:0 a.m.4 views

NetentSec NS-ASG 安全漏洞

NetentSec NS-ASG is an application security gateway from China NetentSec. A security vulnerability exists in NetentSec NS-ASG version 6.3, which originates from an SQL injection vulnerability in the /3g/menu.php file...

5.4CVSS7.9AI score0.00349EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/17 12:0 a.m.4 views

PT-2024-21041 · Unknown · Pandaxgo Pandax

Name of the Vulnerable Software and Affected Versions: PandaXGO PandaX up to 20240310 Description: A critical issue was found in the function InsertRole of the file /apps/system/services/role menu.go. The manipulation of the argument roleKey leads to sql injection. It is possible to initiate the...

9.8CVSS6.9AI score0.0051EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/28 12:0 a.m.3 views

PT-2022-11744 · Unknown · Gnuboard Youngcart5

Name of the Vulnerable Software and Affected Versions: gnuboard youngcart5 versions up to 5.4.5.1 Description: A vulnerability has been found in gnuboard youngcart5, where the manipulation of the argument me link in the file adm/menu list update.php leads to cross site scripting. This issue can b...

6.1CVSS4.2AI score0.00505EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2021/11/02 12:0 a.m.5 views

The vulnerability of the Python programming language library pyxdg, related to improper code generation, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Python programming language library pyxdg is related to the lack of sanitization processing in xdg/Menu.py before the call to eval. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failure...

7.5CVSS7.2AI score0.02105EPSS
Exploits1References10Affected Software5
OSV
OSV
added 2021/01/19 2:29 p.m.3 views

USN-4700-1 pyxdg vulnerability

Alexandre D'Hondt discovered that PyXDG did not properly sanitize input. An attacker could exploit this with a crafted .menu file to execute arbitrary code...

7.5CVSS7.3AI score0.02105EPSS
Exploits1References2
PyPA
PyPA
added 2019/06/06 7:29 p.m.7 views

PYSEC-2019-199

A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...

7.5CVSS7.5AI score0.02105EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/09/07 12:0 a.m.6 views

The vulnerability of the components menu_pxc.cgi and index.cgi of the microprogramming system for controlled switches from FL SWITCH by Phoenix Contact allows a hacker to execute arbitrary code or cause malfunctions during maintenance.

The vulnerability of the components menupxc.cgi and index.cgi of the microprogramming software for controlled switches from FL SWITCH Phoenix Contact arises from operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary...

8.1CVSS6.2AI score0.02276EPSS
Exploits0References6Affected Software29
ATTACKERKB
ATTACKERKB
added 2008/10/18 12:18 a.m.3 views

CVE-2008-4605

SQL injection vulnerability in CafeEngine allows remote attackers to execute arbitrary SQL commands via the id parameter to 1 dish.php and 2 menu.php...

7.5CVSS6.4AI score0.01003EPSS
Exploits1References6
Rows per page
Query Builder