EUVD-2024-0961

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Critical file upload vulnerability in Grav allows code injection and data exfiltration. Upgrade to 1.7.45.

Reporter	Title	Published	Views	Family All 11
CNNVD	Grav 安全漏洞	21 Mar 202400:00	–	cnnvd
CVE	CVE-2024-27921	21 Mar 202421:38	–	cve
Cvelist	CVE-2024-27921 Grav File Upload Path Traversal vulnerability	21 Mar 202421:38	–	cvelist
Github Security Blog	Grav File Upload Path Traversal	22 Mar 202416:29	–	github
NVD	CVE-2024-27921	21 Mar 202422:15	–	nvd
OSV	CVE-2024-27921 Grav File Upload Path Traversal vulnerability	21 Mar 202421:38	–	osv
OSV	GHSA-M7HX-HW6H-MQMC Grav File Upload Path Traversal	22 Mar 202416:29	–	osv
Positive Technologies	PT-2024-22138 · Grav · Grav	21 Mar 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-27921	5 Feb 202503:53	–	redhatcve
Veracode	Path Traversal	26 Mar 202413:18	–	veracode

[
  {
    "enisaIdVendor": [
      {
        "id": "e87c004c-2c9e-3ce5-9a4c-9a04312b94f8",
        "vendor": {
          "name": "getgrav"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "519b0334-5082-388a-a881-015f87c1a3b7",
        "product": {
          "name": "grav"
        },
        "product_version": "< 1.7.45"
      },
      {
        "id": "5a0999ee-1aa2-3c32-a55e-ea7487538727",
        "product": {
          "name": "grav"
        }
      }
    ]
  }
]

Source	Link
github	www.github.com/getgrav/grav/security/advisories/GHSA-m7hx-hw6h-mqmc
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-27921
github	www.github.com/getgrav/grav/commit/5928411b86bab05afca2b33db4e7386a44858e99
github	www.github.com/getgrav/grav

03 Oct 2025 20:07Current

8.4High risk

Vulners AI Score8.4

CVSS 3.18.8

EPSS0.08787

SSVC