Lucene search
K

32 matches found

NVD
NVD
added 2026/06/15 2:16 a.m.13 views

CVE-2026-12206

A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/datatableentity.rb. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS0.00196EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 1:30 a.m.11 views

EUVD-2026-36680

A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/datatableentity.rb. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 1:30 a.m.36 views

CVE-2026-12206 Grit42 Grit data_table_entity.rb DataTableEntity sql injection

A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/datatableentity.rb. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS0.00196EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 1:30 a.m.11 views

CVE-2026-12206 Grit42 Grit data_table_entity.rb DataTableEntity sql injection

A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/datatableentity.rb. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.2AI score0.00196EPSS
Exploits0References5
CVE
CVE
added 2026/06/15 1:30 a.m.25 views

CVE-2026-12206

Grit42 Grit (up to 0.11.0) contains a SQL injection in Grit::Assays::DataTableEntity (modules/assays/backend/app/models/grit/assays/data_table_entity.rb). The issue can be exploited remotely; a publicly available exploit exists. The vendor was contacted but did not respond. No remediation or vers...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 12:31 a.m.14 views

EUVD-2026-36667

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/gritentitycontroller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49166

A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/data table entity.rb. The manipulation leads to sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS5.3AI score0.00196EPSS
Exploits0References6
NVD
NVD
added 2026/06/14 11:16 p.m.17 views

CVE-2026-12188

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/gritentitycontroller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The...

6.5CVSS0.00196EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/14 10:15 p.m.30 views

CVE-2026-12188 Grit42 Grit GritEntityController grit_entity_controller.rb sql injection

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/gritentitycontroller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The...

6.5CVSS0.00196EPSS
Exploits0References5
CVE
CVE
added 2026/06/14 10:15 p.m.27 views

CVE-2026-12188

Affected software: Grit42 Grit (up to 0.11.0). Vulnerable component: grit_entity_controller.rb (modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb) within GritEntityController. Issue: SQL injection triggered by manipulating a function in the controller; described as...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/14 10:15 p.m.12 views

CVE-2026-12188 Grit42 Grit GritEntityController grit_entity_controller.rb sql injection

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/gritentitycontroller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The...

6.5CVSS6.3AI score0.00196EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/14 12:0 a.m.15 views

PT-2026-49145

Name of the Vulnerable Software and Affected Versions Grit42 Grit versions prior to 0.11.0 Description A SQL injection issue exists in the GritEntityController component, specifically within the file modules/core/backend/app/controllers/concerns/grit/core/grit entity controller.rb. This flaw allo...

6.5CVSS6.9AI score0.00196EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/06 7:54 a.m.5 views

CVE-2026-28041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through = 1.0.1...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 6:30 a.m.5 views

EUVD-2026-9702

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through = 1.0.1...

5.9AI score0.00403EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 6:16 a.m.4 views

CVE-2026-28041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through = 1.0.1...

8.1CVSS0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:54 a.m.3 views

CVE-2026-28041 WordPress Grit theme <= 1.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through = 1.0.1...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:54 a.m.10 views

CVE-2026-28041

CVE-2026-28041 : WordPress theme Grit (AncoraThemes)

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.31 views

CVE-2026-28041 WordPress Grit theme <= 1.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through = 1.0.1...

8.1CVSS0.00403EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.4 views

PT-2026-23322

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through = 1.0.1...

5.9AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Grit 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Rows per page
Query Builder