CVE-2025-5181 – Summer Pearl Group Vacation Rental Management Platform Cross Site Scripting Vulnerability

May 26, 2025

CVE ID : CVE-2025-5181

Published : May 26, 2025, 11:15 a.m. | 52 minutes ago

Description : A vulnerability, which was classified as problematic, was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. This affects an unknown part of the file /spgpm/updateListing. The manipulation of the argument spgLsTitle leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.2 is able to address this issue. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleGitHub for Beginners: Test-driven development (TDD) with GitHub Copilot

Next Article CVE-2025-5182 – “Summer Pearl Group Vacation Rental Management Platform Listing Handler Authorization Bypass”

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

Alienware’s rumored laptop could be the first to feature NVIDIA’s revolutionary Arm-based APU

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

From Kitchen To Conversion

Perficient Included in Forrester’s AI Technical Services Landscape, Q2 2025

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

CVE-2025-5181 – Summer Pearl Group Vacation Rental Management Platform Cross Site Scripting Vulnerability

Actively Exploited Qualcomm GPU Zero-Days Added to CISA’s KEV Catalog

HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass

Optimizing Agent Planning: A Parametric AI Approach to World Knowledge

The Inclusive Revolution in Modern Design

Vitech uses Amazon Bedrock to revolutionize information access with AI-powered chatbot

The Razer headset I haven’t stopped using since I reviewed it now has an Xbox version, and it’s predictably awesome

Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

Best YouTube Channels for UX Designers

UX in Universal Design Series: The Role of Adaptive and Assistive Technologies in Health Systems â€“ 7

New generative media models and tools, built with and for creators

CVE-2025-5181 – Summer Pearl Group Vacation Rental Management Platform Cross Site Scripting Vulnerability

Related Posts