Lucene search
PRIOn knowledge basePRION:CVE-2023-34251HistoryJun 14, 2023 - 10:15 p.m.
Design/Logic Flaw
2023-06-1422:15:00
PRIOn knowledge base
www.prio-n.com
1
grav
content management system
server side template injection
remote code execution
php code
administrator screen
page editing privileges
version 1.7.42 fix
Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains a fix for this issue.
Related
cve
cve
CVE-2023-34251
2023-06-14 22:15:09
github
github
Grav Server Side Template Injection (SSTI) vulnerability
2023-06-16 19:35:56
osv
osv
Grav Server Side Template Injection (SSTI) vulnerability
2023-06-16 19:35:56
CVE-2023-34251
2023-06-14 22:15:09
nvd
nvd
CVE-2023-34251
2023-06-14 22:15:09
veracode
veracode
Server-side Template Injection(SSTI)
2023-06-21 06:49:14
cvelist
cvelist
CVE-2023-34251 Grav Server Side Template Injection vulnerability
2023-06-14 21:31:31