Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CNNVD
CNNVDadded 2026/05/11 12:0 a.m.8 views

Grav 代码注入漏洞

Grav is a scalable content management system CMS developed by the Grav open-source community, suitable for use in personal blogs, small content publishing platforms, and single-page product displays. Versions of Grav prior to 2.0.0-beta.2 contained a code injection vulnerability. This vulnerabili...

9.1CVSS6AI score0.03934EPSS
Exploits4References2
CNNVD
CNNVDadded 2025/08/06 12:0 a.m.2 views

Grav CMS 安全漏洞

Grav CMS is Grav open source a flat file-based content management system . Grav CMS suffers from a remote code execution vulnerability that originates from allowing authenticated administrators to upload malicious plugins via the admin/tools/direct-install interface, which can be exploited by an...

8.1CVSS8.4AI score0.0871EPSS
Exploits7References4
ATTACKERKB
ATTACKERKBadded 2025/08/06 12:0 a.m.3 views

CVE-2025-50286

A Remote Code Execution RCE vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access...

8.1CVSS6.5AI score0.0871EPSS
Exploits7References5
Rows per page
Query Builder