9 matches found

RedhatCVE
added 2026/01/09 10:55 a.m. · 8 views

CVE-2022-23378

A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable...

5.4 CVSS · 5.7 AI score · 0.01079 EPSS
Exploits 2 · References 1

RedhatCVE
added 2025/05/22 9:25 p.m. · 6 views

CVE-2021-38699

TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashboard, and /admin/systemlogs...

5.4 CVSS · 5.8 AI score · 0.07977 EPSS
Exploits 5 · References 1

RedhatCVE
added 2025/03/20 4:2 p.m. · 12 views

CVE-2024-44313

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

8.1 CVSS · 6.8 AI score · 0.00641 EPSS
Exploits 2 · References 1

GithubExploit
added 2025/03/19 11:11 p.m. · 408 views

Exploit for Improper Access Control in Tastyigniter

Exploit 🛠️ Case Study: CVE-2024-44313 and EPSS in Prioritiz...

8.1 CVSS · 8.1 AI score · 0.00641 EPSS
Exploits 2

Github Security Blog
added 2025/03/18 3:30 p.m. · 11 views

TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

8.1 CVSS · 7 AI score · 0.00641 EPSS
Exploits 2 · References 4 · Affected Software 1

Github Security Blog
added 2025/03/18 3:30 p.m. · 8 views

TastyIgniter Has an Incorrect Access Control Vulnerability

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...

6.5 CVSS · 6.5 AI score · 0.0027 EPSS
Exploits 0 · References 4 · Affected Software 1

OSV
added 2025/03/18 3:30 p.m. · 4 views

GHSA-W5H7-MW56-4V7X TastyIgniter Has an Incorrect Access Control Vulnerability

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...

6.5 CVSS · 6.8 AI score · 0.0027 EPSS
Exploits 0 · References 4

Positive Technologies
added 2022/09/08 12:0 a.m. · 3 views

PT-2022-24317 · Unknown · Tastyigniter

Name of the Vulnerable Software and Affected Versions: TastyIgniter version 3.5.0
Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload, which is a result of a cross-site scripting (XSS) vulnerability. This means an attacker can inject malicious...

5.4 CVSS · 5.4 AI score · 0.0044 EPSS
Exploits 0 · References 4

NVD
added 2021/08/15 6:15 p.m. · 17 views

CVE-2021-38699

TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashboard, and /admin/systemlogs...

5.4 CVSS · 0.07977 EPSS
Exploits 5 · References 6