Lucene search
K

10 matches found

CVE
CVE
added 2026/04/07 2:51 p.m.9 views

CVE-2026-35488

CVE-2026-35488 affects Tandoor Recipes where RecipeBookViewSet and RecipeBookEntryViewSet exposed a flawed CustomIsShared permission: has_object_permission() returns True for all HTTP methods, letting shared (read-only) users delete or overwrite a RecipeBook. The root cause is the permission chec...

8.1CVSS5.9AI score0.00378EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/07 2:51 p.m.2 views

EUVD-2026-19673

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.hasobjectpermission returns True for all HTTP methods —...

8.1CVSS5.9AI score0.00378EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/07 2:51 p.m.1 views

CVE-2026-35488 Tandoor Recipes — CustomIsShared permits DELETE/PUT on RecipeBook by shared (read-only) users

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.hasobjectpermission returns True for all HTTP methods —...

8.1CVSS5.9AI score0.00378EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.3 views

PT-2026-30861

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.has object permission returns True for all HTTP methods —...

8.1CVSS5.9AI score0.00378EPSS
Exploits1References3
CNVD
CNVD
added 2022/09/20 12:0 a.m.11 views

Nanjing Thing Orange Information Technology Co., Ltd. home recipe book APP has information leakage vulnerability

Home-Cooked Recipe Book APP is a food recipe software. Nanjing Thing Orange Information Technology Co., Ltd. has an information leakage vulnerability in Home Recipe Book APP, which can be exploited by attackers to obtain sensitive information...

2.1AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2009/01/12 12:0 a.m.16 views

Weight Loss Recipe Book 3.1 SQL Injection

Weight Loss Recipe Book 3.1 Autore: x0r Emails: [email protected] \ [email protected] Cms Site: http://www.my-health-and-fitness.org/weight-loss-recipe-book.html Bug In \wlrbfiles\admin-login.php SELECT FROM ' . $programprefix . 'administrators WHERE administratorsusername = "'...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2009/01/12 12:0 a.m.13 views

Weight Loss Recipe Book 3.1 (Auth Bypass) SQL Injection Vuln

No description provided by source. Weight Loss Recipe Book 3.1 Autore: x0r Emails: [email protected] \ [email protected] Cms Site: http://www.my-health-and-fitness.org/weight-loss-recipe-book.html Bug In \wlrbfiles\admin-login.php SELECT FROM ' . $programprefix . 'administrators WHERE...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/01/11 12:0 a.m.13 views

Weight Loss Recipe Book 3.1 - Authentication Bypass

Weight Loss Recipe Book 3.1 - Authentication Bypass Weight Loss Recipe Book 3.1 Autore: x0r Emails: [email protected] \ [email protected] Cms Site: http://www.my-health-and-fitness.org/weight-loss-recipe-book.html Bug In \wlrbfiles\admin-login.php SELECT FROM ' . $programprefix . 'administrators WHE...

0.6AI score
Exploits0
0day.today
0day.today
added 2009/01/11 12:0 a.m.16 views

Weight Loss Recipe Book 3.1 (Auth Bypass) SQL Injection Vuln

Exploit for unknown platform in category web applications ============================================================ Weight Loss Recipe Book 3.1 Auth Bypass SQL Injection Vuln ============================================================ Weight Loss Recipe Book 3.1 Autore: x0r Cms Site:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/11 12:0 a.m.24 views

Weight Loss Recipe Book 3.1 - Authentication Bypass

Weight Loss Recipe Book 3.1 Autore: x0r Emails: [email protected] \ [email protected] Cms Site: http://www.my-health-and-fitness.org/weight-loss-recipe-book.html Bug In \wlrbfiles\admin-login.php SELECT FROM ' . $programprefix . 'administrators WHERE administratorsusername = "'...

7.4AI score
Exploits0
Rows per page
Query Builder