Lucene search

18 matches found

RedhatCVE
added 2025/12/02 10:31 p.m. | 5 views

CVE-2025-66310

This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the Grav application. This...

CVSS 6.2 | AI score 5.2 | EPSS 0.00024
Exploits: 1 | References: 1

EUVD
added 2025/12/02 1:24 a.m. | 1 view

EUVD-2025-200100

Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab...

CVSS 6.2 | AI score 5.4 | EPSS 0.00024
Exploits: 1 | References: 3

OSV
added 2025/12/01 10:4 p.m. | 2 views

CVE-2025-66310 Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab

This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the Grav application. This...

CVSS 6.2 | AI score 5.2 | EPSS 0.00024
Exploits: 1 | References: 4

Vulnrichment
added 2025/12/01 10:4 p.m. | 2 views

CVE-2025-66310 Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab

This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the Grav application. This...

CVSS 6.2 | AI score 4.9 | EPSS 0.00024
Exploits: 1 | References: 2

Cvelist
added 2025/12/01 10:4 p.m. | 2 views

CVE-2025-66310 Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab

This admin plugin for Grav is an HTML user interface that provides a convenient way to configure Grav and easily create and modify pages. Prior to 1.11.0-beta.1, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the Grav application. This...

CVSS 6.2 | EPSS 0.00024
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-27780

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00328
Exploits: 0 | References: 2

OSV
added 2025/09/06 9:15 a.m. | 0 views

CVE-2025-10029

A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unittesting/templates/complexheader2.php. Performing manipulation of the argument scripts results in cross site scripting. The...

CVSS 6.1 | AI score 4.2 | EPSS 0.00051
Exploits: 1 | References: 5

Vulnrichment
added 2025/09/05 8:2 p.m. | 4 views

CVE-2025-10026 itsourcecode POS Point of Sale System -complex_header.php cross site scripting

A vulnerability was found in itsourcecode POS Point of Sale System 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory/main/vendors/datatables/unittesting/templates/-complex_header.php. The manipulation of the argument scripts results in cross site scripting. It ...

CVSS 5.1 | AI score 5.5 | EPSS 0.00051
Exploits: 1 | References: 5

Positive Technologies
added 2025/09/05 12:0 a.m. | 3 views

PT-2025-36325

Name of the Vulnerable Software and Affected Versions: itsourcecode POS Point of Sale System version 1.0. Description: A cross site scripting issue exists in itsourcecode POS Point of Sale System version 1.0. The vulnerability is located in an unknown functionality of the file...

CVSS 6.1 | AI score 3.9 | EPSS 0.00051
Exploits: 1 | References: 8

RedhatCVE
added 2025/05/23 8:17 a.m. | 1 view

CVE-2024-10744

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php. The manipulation of the argument scripts...

CVSS 6.1 | AI score 5.2 | EPSS 0.00199
Exploits: 1 | References: 1

OSV
added 2025/02/23 2:15 p.m. | 0 views

CVE-2025-1585

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...

CVSS 5.4 | AI score 3.8
Exploits: 0 | References: 4

CNNVD
added 2025/02/23 12:0 a.m. | 1 view

Tale Blog code injection vulnerability

Tale Blog is a Java blog. A cross-site scripting vulnerability exists in Tale Blog version 2.0.5 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data in the logourl parameter of the OptionsService function of...

CVSS 5.4 | AI score 6.1 | EPSS 0.00125
Exploits: 1 | References: 5

OSV
added 2024/11/03 11:15 p.m. | 0 views

CVE-2024-10744

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php. The manipulation of the argument scripts...

CVSS 6.1 | AI score 3.8
Exploits: 0 | References: 5

CNNVD
added 2024/11/03 12:0 a.m. | 1 view

PHPGurukul Online Shopping Portal cross-site scripting vulnerability

Online Shopping Portal is an online store. Online Shopping Portal has a cross-site scripting vulnerability: the scripts parameter in the file /admin/assets/plugins/DataTables/media/unittesting/templates/complexheader2.php is not properly filtered and escaped by...

CVSS 6.1 | AI score 6 | EPSS 0.00199
Exploits: 1 | References: 5

OSV
added 2020/01/09 2:15 a.m. | 7 views

CVE-2020-6632

In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a QuickAccess link. This is related to AdminQuickAccessesController.php, themes/default/template/header.tpl, and themes/new-theme/js/header.js...

CVSS 6.1 | AI score 6
Exploits: 0 | References: 1

OSV
added 2016/03/01 11:59 a.m. | 1 view

DEBIAN-CVE-2016-2561

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the database normalization page, (3)...

CVSS 5.4 | AI score 5.8 | EPSS 0.00532
Exploits: 0 | References: 1

ATTACKERKB
added 2014/03/01 12:1 a.m. | 3 views

CVE-2014-2080

Cross-site scripting (XSS) vulnerability in manager/templates/default/header.tpl in ModX Revolution before 2.2.11 allows remote attackers to inject arbitrary web script or HTML via the "a" parameter...

CVSS 4.3 | AI score 5.7 | EPSS 0.0032
Exploits: 1 | References: 6

exploitpack
added 2007/10/04 12:0 a.m. | 11 views

Ossigeno CMS 2.2a3 - footer.php Remote File Inclusion


AI score 0.2
Exploits: 0