Webkul Krayin CRM is Vulnerable to Cross-Site Scripting in the /admin/activities/create endpoint

Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...

GHSA-J822-46R5-H4QX Webkul Krayin CRM is Vulnerable to Cross-Site Scripting in the /admin/activities/create endpoint

Cross-Site Scripting XSS vulnerability exists in Webkul Krayin CRM v2.1.5. The application fails to sanitize user-supplied input in the comment field during Activity creation on the /admin/activities/create endpoint...

CVE-2026-36341

CVE-2026-36341 : Webkul Krayin CRM 2.1.5 contains a Cross-Site Scripting (XSS) flaw in the comment input during Activity creation via the /admin/activities/create endpoint. The root cause is inadequate sanitization of user-supplied input in the comment field. The CVSS v3.1 base score is 5.4 (Medi...

CVE-2026-36942

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manageactivity.php...

PT-2026-32361

Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage activity.php...