Lucene search
K

14 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/29 5:0 p.m.4 views

CVE-2026-7393

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/29 5:0 p.m.6 views

EUVD-2026-26265

A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function savemenu of the file /admin/adminclassnovo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...

5.8CVSS4.8AI score0.00268EPSS
Exploits1References5
CVE
CVE
added 2026/04/28 6:15 p.m.16 views

CVE-2026-7295

CVE-2026-7295 affects SourceCodester Pizzafy Ecommerce System 1.0. The vulnerability lies in the /admin/ajax.php?action=save_menu function, where manipulating the Name argument enables cross-site scripting (XSS). Exploitation can be performed remotely; the exploit has been disclosed publicly. No ...

4.8CVSS3.3AI score0.00206EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.11 views

PT-2026-35662

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete menu of the file /admin/ajax.php?action=delete menu. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploi...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.16 views

PT-2026-35815

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save menu of the file /admin/ajax.php?action=save menu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has...

4.8CVSS3.1AI score0.00206EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.3 views

CVE-2023-29848

Bang Resto 1.0 was discovered to contain a stored cross-site scripting XSS vulnerability via the itemName parameter in the admin/menu.php Add New Menu function...

4.8CVSS5.9AI score0.01926EPSS
Exploits4References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-33385

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.01926EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24541

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00151EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/15 4:34 a.m.15 views

CVE-2025-8491

The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsceprmsavemenu function. This makes it possible for unauthenticated attackers to upload a men...

4.3CVSS6.8AI score0.00151EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/13 3:42 a.m.3 views

CVE-2025-8491 Easy restaurant menu manager <= 2.0.2 - Cross-Site Request Forgery to Menu Upload

The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsceprmsavemenu function. This makes it possible for unauthenticated attackers to upload a men...

4.3CVSS6.7AI score0.00151EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:57 p.m.9 views

CVE-2022-32330

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=deletemenu...

7.2CVSS8.1AI score0.00909EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/03/14 12:0 a.m.4 views

Online Pizza Ordering System 代码问题漏洞

Online Pizza Ordering System is an online pizza ordering system by Carlo Montero Personal Developer. A code issue vulnerability exists in SourceCodester Online Pizza Ordering System version 1.0, which stems from a security issue in the function savemenu that results in unrestricted uploads...

9.8CVSS7AI score0.00886EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.6 views

PT-2023-16950 · Unknown · Sourcecodester Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Pizza Ordering System version 1.0 Description: A critical issue has been found, affecting the save menu function, which leads to unrestricted upload. The attack can be launched remotely. Recommendations: For SourceCodest...

9.8CVSS7.3AI score0.00886EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/16 5:0 a.m.4 views

Multiple BestWebSoft WordPress plugins vulnerable to cross-site scripting

Overview Multiple WordPress Plugins provided by BestWebSoft use a common function for displaying the BestWebSoft menu. This function contains a cross-site scripting vulnerability CWE-79. Chris Liu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.1CVSS6AI score0.00886EPSS
Exploits0References5
Rows per page
Query Builder