4 matches found
CVE-2026-44737
Grav grav-plugin-admin is affected by an XSS in the /admin/pages/[page] endpoint, via data[header][title], reported before upgrading to 1.10.49.5. The vulnerability arises from improper validation/sanitization of the data[header][title] parameter, leading to an injected script being reflected in t...
PT-2025-48569
Name of the Vulnerable Software and Affected Versions: Grav versions prior to 1.11.0-beta.1. Description: The Grav admin plugin, an HTML user interface for configuring Grav and managing pages, contains a Stored Cross-Site Scripting (XSS) issue. An attacker can inject malicious scripts into the...
Code-Projects Tourism Management System Security Vulnerability
Code-Projects Tourism Management System is an open source tourism management system from Code-Projects. A security vulnerability exists in Code-Projects Tourism Management System version 1.0, which stems from the parameter pgedetails in the file /admin/manage-pages.php that can lead to a cross-si...
Car Rental Management System Security Vulnerability
Car Rental Management System is an open source car rental management system from CampCodes. A security vulnerability exists in Car Rental Management System version 1.0, which stems from the parameter pgdetails in the file /admin/manage-pages.php that can lead to a cross-site scripting attack...