EUVD-2025-36351

A vulnerability was determined in code-projects Food Ordering System 1.0. This affects an unknown function of the file /admin/menu.php. Executing manipulation of the argument itemPrice can lead to sql injection. The attack can be executed remotely. The exploit has been publicly disclosed and may ...

CVE-2025-5426

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-cp/menus of the component Menu Page. The manipulation leads to improper access controls. The attack can be launched remotely. The...

CVE-2025-5426 juzaweb CMS Menu Page menus access control

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-cp/menus of the component Menu Page. The manipulation leads to improper access controls. The attack can be launched remotely. The...

PT-2025-23456 · Unknown · Juzawebcms

Name of the Vulnerable Software and Affected Versions: juzaweb CMS versions up to 3.4.2 Description: A critical issue was found in the juzaweb CMS, affecting an unknown functionality of the file /admin-cp/menus of the component Menu Page. This leads to improper access controls, allowing remote...

CVE-2025-2710

A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and classified as problematic. This issue affects some unknown processing of the file /menu.jsp. The manipulation of the argument flag leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...

Yonyou UFIDA ERP-NC 代码注入漏洞

Yonyou UFIDA ERP-NC is a kind of Enterprise Resource Planning ERP software, which is mainly used for financial management, supply chain management, production management and customer relationship management of enterprises. Yonyou UFIDA ERP-NC suffers from a cross-site scripting vulnerability that...

itsourcecode Alton Management System 代码问题漏洞

itsourcecode Alton Management System is an online restaurant management system from itsourcecode. A code issue vulnerability exists in version 1.0 of itsourcecode Alton Management System, which stems from an unrestricted file upload vulnerability in the image function of the /admin/menu.php of th...

Online Food Ordering System 代码问题漏洞

Online Food Ordering System is an online food ordering system. Online Food Ordering System suffers from an arbitrary file upload vulnerability, which stems from a lack of validation of the uploaded file in the file /fos/admin/index.php?page=menu of the component Menu Form, and can be exploited by...

CVE-2023-22959

WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...

Food-order-and-table-reservation-system SQL注入漏洞

Food-order-and-table-reservation-system is enabling users to order food online and reserve a table for dine-in if there is no delivery option. food-order-and-table-reservation-system version 1.0 is vulnerable to an SQL injection vulnerability that originates in the categorywise-menu.php page wher...

CVE-2021-42367

The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the /includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. Due to missing authorization...

PuppyCMS Cross-Site Scripting Vulnerability

puppetCMS is a lightweight PHP-based content management system. A cross-site scripting vulnerability exists in puppyCMS version 5.1. A remote attacker can exploit this vulnerability by executing JavaScript code in the 'Add Page/URL' URL link field of the menu.php file...

CVE-2018-5267

Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...