2720 matches found
CVE-2025-6053 Zuppler Online Ordering <= 2.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.0. This is due to missing or incorrect nonce validation on the 'zuppler-online-ordering-options' page. This makes it possible for unauthenticated attackers to...
CVE-2025-6053 Zuppler Online Ordering <= 2.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.0. This is due to missing or incorrect nonce validation on the 'zuppler-online-ordering-options' page. This makes it possible for unauthenticated attackers to...
WordPress plugin Zuppler Online Ordering 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...
PT-2025-29988 · WordPress · Zuppler Online Ordering
Name of the Vulnerable Software and Affected Versions: Zuppler Online Ordering plugin for WordPress versions prior to 2.1.1 Description: The plugin is susceptible to Cross-Site Request Forgery due to missing or incorrect nonce validation on the 'zuppler-online-ordering-options' page. This allows...
PT-2025-30100 · Unknown · Food Ordering Review System
Name of the Vulnerable Software and Affected Versions: code-projects Food Ordering Review System version 1.0 Description: A critical vulnerability exists in the Food Ordering Review System. The vulnerability affects unknown code within the /pages/signup function.php file. Manipulation of the fnam...
CVE-2025-7755
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...
CVE-2025-7755
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...
CVE-2025-7755
CVE-2025-7755 affects code-projects Online Ordering System 1.0. The vulnerability resides in the processing of the file parameter in /admin/edit_product.php, where manipulation of the image argument enables unrestricted file uploads. This could allow remote attackers to upload arbitrary files, po...
CVE-2025-7755 code-projects Online Ordering System edit_product.php unrestricted upload
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...
CVE-2025-7755 code-projects Online Ordering System edit_product.php unrestricted upload
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/editproduct.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The explo...
Code-Projects Online Ordering System 代码问题漏洞
Online Ordering System is an online ordering system. A file upload vulnerability exists in Online Ordering System that stems from a lack of valid validation of uploaded files by the parameter image in the file /admin/editproduct.php. No details of the vulnerability are available at this time...
Juniper Junos OS Vulnerability (JSA100084)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100084 advisory. - A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based...
Simple Pizza Ordering System large.php file SQL Injection Vulnerability
Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter ID of file /large.php. An attacker can exploit this vulnerability to...
CVE-2025-6938
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6937
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /large.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-6936
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /addpro.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-6938
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6938
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6938 code-projects Simple Pizza Ordering System editcus.php sql injection
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-6938 code-projects Simple Pizza Ordering System editcus.php sql injection
A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editcus.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...