4 matches found
CVE-2026-44737
Grav grav-plugin-admin is affected by a XSS in the /admin/pages/[page] endpoint, via data[header][title], reported before upgrading to 1.10.49.5. The vulnerability arises from improper validation/sanitization of the data[header][title] parameter, leading to an injected script being reflected in t...
PT-2025-48569
Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.11.0-beta.1 Description The Grav admin plugin, an HTML user interface for configuring Grav and managing pages, contains a Stored Cross-Site Scripting XSS issue. An attacker can inject malicious scripts into the...
Car Rental Management System 安全漏洞
Car Rental Management System is an open source car rental management system from CampCodes. A security vulnerability exists in Car Rental Management System version 1.0, which stems from the parameter pgdetails in the file /admin/manage-pages.php that can lead to a cross-site scripting attack...
Code-Projects Tourism Management System 安全漏洞
Code-Projects Tourism Management System is an open source tourism management system from Code-Projects. A security vulnerability exists in Code-Projects Tourism Management System version 1.0, which stems from the parameter pgedetails in the file /admin/manage-pages.php that can lead to a cross-si...