Tandoor Recipes SQL注入漏洞

Tandoor Recipes is an open-source application designed for managing recipes, planning meals, creating shopping lists, and more. Versions of Tandoor Recipes prior to 2.6.0 contained a SQL injection vulnerability. This vulnerability stemmed from the Recipe API endpoint exposing a hidden debug query...

EUVD-2025-31587

Malicious code in bioql PyPI...

CVE-2025-56795

Mealie 3.0.1 and earlier is vulnerable to Stored Cross-Site Scripting XSS in the recipe creation functionality. Unsanitized user input in the "note" and "text" fields of the "/api/recipes/recipename" endpoint is rendered in the frontend without proper escaping leading to persistent XSS...

CVE-2025-56795

Mealie 3.0.1 and earlier is vulnerable to Stored Cross-Site Scripting XSS in the recipe creation functionality. Unsanitized user input in the "note" and "text" fields of the "/api/recipes/recipename" endpoint is rendered in the frontend without proper escaping leading to persistent XSS...

SourceCodester My Food Recipe 代码注入漏洞

SourceCodester My Food Recipe is a SourceCodester open source recipe sharing web application. A code injection vulnerability exists in SourceCodester My Food Recipe version 1.0, which originates from cross-site scripting due to incorrect manipulation of the parameter Name in the file...