20 matches found

RedhatCVE
added 2026/03/06 7:54 a.m., 2 views

CVE-2026-28041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion. This issue affects Grit: from n/a through <= 1.0.1...

CVSS 8.1 | AI score 5.8 | EPSS 0.00172
Exploits: 0 | References: 1

EUVD
added 2026/03/05 6:30 a.m., 3 views

EUVD-2026-9702

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion. This issue affects Grit: from n/a through <= 1.0.1...

AI score 5.9 | EPSS 0.00172
Exploits: 0 | References: 2

NVD
added 2026/03/05 6:16 a.m., 1 views

CVE-2026-28041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion. This issue affects Grit: from n/a through <= 1.0.1...

CVSS 8.1 | EPSS 0.00172
Exploits: 0 | References: 1

CVE
added 2026/03/05 5:54 a.m., 7 views

CVE-2026-28041

CVE-2026-28041 : WordPress theme Grit (AncoraThemes)

CVSS 8.1 | AI score 5.9 | EPSS 0.00172
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/05 5:54 a.m., 2 views

CVE-2026-28041 WordPress Grit theme <= 1.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion. This issue affects Grit: from n/a through <= 1.0.1...

CVSS 8.1 | AI score 5.8 | EPSS 0.00172
Exploits: 0 | References: 1

Cvelist
added 2026/03/05 5:54 a.m., 27 views

CVE-2026-28041 WordPress Grit theme <= 1.0.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion. This issue affects Grit: from n/a through <= 1.0.1...

CVSS 8.1 | EPSS 0.00172
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/05 12:00 a.m., 2 views

PT-2026-23322

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion. This issue affects Grit: from n/a through <= 1.0.1...

AI score 5.9 | EPSS 0.00172
Exploits: 0 | References: 2

CNNVD
added 2026/03/05 12:00 a.m., 4 views

WordPress plugin Grit security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 8.1 | AI score 5.8 | EPSS 0.00172
Exploits: 0 | References: 1

Patchstack
added 2026/03/02 11:28 a.m., 3 views

WordPress Grit theme <= 1.0.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Grit versions <= 1.0.1...

CVSS 8.1 | AI score 5.9 | EPSS 0.00172
Exploits: 0 | Affected Software: 1

EUVD
added 2025/10/03 8:07 p.m., 1 views

EUVD-2022-3296

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.4 | EPSS 0.00202
Exploits: 0 | References: 7

vulnersOsv
added 2025/03/31 12:30 a.m., 4 views

org.noear:folkmq-broker-embedded (>=1.7.8 <=1.7.11), org.noear:grit-server-solon-plugin (>=2.0.0 <=2.0.1) +21 more potentially affected by CVE-2025-2961 via org.noear:solon-view (>=2.9.2-M1 <=3.1.0)

org.noear:solon-view MAVEN version =2.9.2-M1, =1.7.8, =2.0.0, =2.0.0, =1.9.2, =1.8.0, =1.8.0, =3.10.0, =3.10.0, =3.10.0, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =2.9.2, =3.10.7 and more Source cves: CVE-2025-2961 Source advisory: OSV:GHSA-2M4Q-2C6R-HMC3...

CVSS 5.3 | AI score 5.4 | EPSS 0.005
Exploits: 0

OSV
added 2022/05/17 4:43 a.m., 25 views

GHSA-95XQ-V4M2-FQ3R GitLab Grit Gem for Ruby contains a flaw allowing arbitrary commands to be executed

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature. GitLab Grit Gem for Ruby contains a flaw in the app/contexts/search_context.rb...

CVSS 6.5 | AI score 6.6 | EPSS 0.00202
Exploits: 0 | References: 6

Github Security Blog
added 2022/05/17 4:43 a.m., 24 views

GitLab Grit Gem for Ruby contains a flaw allowing arbitrary commands to be executed

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature. GitLab Grit Gem for Ruby contains a flaw in the app/contexts/search_context.rb...

CVSS 6.5 | AI score 7.1 | EPSS 0.00202
Exploits: 0 | References: 6 | Affected Software: 1

Openbugbounty
added 2018/03/25 7:21 a.m., 12 views

grit-pump.com XSS vulnerability

Open Bug Bounty ID: OBB-588493

Description | Value
---|---
Affected Website: | grit-pump.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...

AI score 6.2
Exploits: 0

NVD
added 2014/05/17 8:55 p.m., 15 views

CVE-2013-4489

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature...

CVSS 6.5 | AI score 6.9 | EPSS 0.00202
Exploits: 0 | References: 1

Prion
added 2014/05/17 8:55 p.m., 22 views

Design/Logic Flaw

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature...

CVSS 6.5 | AI score 7.4 | EPSS 0.00202
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2014/05/17 8:00 p.m., 24 views

CVE-2013-4489

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature...

AI score 6.8 | EPSS 0.00202
Exploits: 0 | References: 1

CVE
added 2014/05/17 8:00 p.m., 59 views

CVE-2013-4489

CVE-2013-4489 affects the GitLab/Grit Ruby gem used in GitLab releases 5.2 before 5.4.1 and 6.x before 6.2.3. The vulnerability arises in the code search feature (app/contexts/search_context.rb): unsanitized input from the code search box can be evaluated by the shell, allowing remote authenticat...

CVSS 6.5 | AI score 7.1 | EPSS 0.00202
Exploits: 0 | References: 1 | Affected Software: 1

Debian CVE
added 2014/05/17 8:00 p.m., 24 views

CVE-2013-4489

Removed by vendor...

CVSS 6.5 | AI score 5.8 | EPSS 0.00202
Exploits: 0

RubySec
added 2013/11/04 12:00 a.m., 19 views

GitLab Grit Gem for Ruby contains a flaw

GitLab Grit Gem for Ruby contains a flaw in the app/contexts/search_context.rb script. The issue is triggered when input passed via the code search box is not properly sanitized, which allows strings to be evaluated by the Bourne shell. This may allow a remote attacker to execute arbitrary command...

CVSS 6.5 | AI score 7.3 | EPSS 0.00202
Exploits: 0 | References: 1 | Affected Software: 1