Lucene search
+L

142 matches found

cve
cve
added 6 hours ago8 views

CVE-2026-62386

The CVE-2026-62386 entry applies to Grav API plugin (getgrav/grav-plugin-api)

8.2CVSS6.1AI score
Exploits0References2
euvd
euvd
added 6 hours ago5 views

EUVD-2026-45086

The Grav API plugin getgrav/grav-plugin-api before 1.0.0-rc.16 accepts JWT access tokens through the ?token= URL query parameter on every API route JwtAuthenticator::extractBearerToken fallback. Because tokens are embedded in URLs, they are logged verbatim in web server access logs, leaked via th...

8.2CVSS6.1AI score
Exploits0References2
nvd
nvd
added 2 days ago6 views

CVE-2026-61452

The Grav API plugin getgrav/grav-plugin-api before 2.0.4 contains an improper session invalidation vulnerability where JWT access tokens are issued without a jti JWT ID claim and therefore cannot be revoked server-side. Unlike refresh tokens, access tokens remain valid for their full lifetime...

6.9CVSS0.00194EPSS
Exploits0References2
nvd
nvd
added 2 days ago7 views

CVE-2026-61457

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 contains a file upload extension bypass in the API media controller. HandlesMediaUploads::validateFileExtension inspects only the final file extension via pathinfo$filename, PATHINFOEXTENSION, so a user with api.media.write permission can...

8.8CVSS0.00464EPSS
Exploits0References2
nvd
nvd
added 2 days ago9 views

CVE-2026-61451

The Grav API plugin grav-plugin-api before 1.0.4 does not validate the origin of the client-supplied adminbaseurl field in the POST /api/v1/auth/forgot-password endpoint. The sanitizeHttpUrl function only checks that the URL scheme is http/https and never verifies the host against the server's ow...

9.6CVSS0.00244EPSS
Exploits0References2
cve
cve
added 2 days ago5 views

CVE-2026-61452

The Grav API plugin (getgrav/grav-plugin-api) up to version 2.0.3 has an improper session invalidation flaw: JWT access tokens are issued without a jti (JWT ID) claim and cannot be revoked server-side. Access tokens remain valid for their full lifetime (default 1 hour) regardless of logout, passw...

6.9CVSS6.1AI score0.00194EPSS
Exploits0References2
cve
cve
added 2 days ago5 views

CVE-2026-61451

CVE-2026-61451 affects Grav API plugin (grav-plugin-api)

9.6CVSS6.2AI score0.00244EPSS
Exploits0References2
nvd
nvd
added last week7 views

CVE-2026-61456

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS0.00141EPSS
Exploits0References2
euvd
euvd
added last week6 views

EUVD-2026-42905

The Grav API plugin getgrav/grav-plugin-api before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile method validates only the file extension and never invokes Security::sanitizeSVG, so an authenticated attacker with t...

5.1CVSS6.2AI score0.00141EPSS
Exploits0References2
nvd
nvd
added 2026/07/08 2:17 p.m.8 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
nvd
nvd
added 2026/07/08 2:17 p.m.7 views

CVE-2026-58654

The Grav API plugin getgrav/grav-plugin-api 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint /api/v1/users/user/avatar. The endpoint validates only the client-declared MIME type getClientMediaType beginning with 'image/' and does not inspect the actual file...

5.3CVSS0.00261EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/08 1:49 p.m.30 views

CVE-2026-58656 Grav API Plugin - Cross-Origin Admin Account Takeover via CORS Wildcard and JWT Query Parameter

Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: , allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token...

8.7CVSS0.00271EPSS
Exploits0References2
cve
cve
added 2026/07/08 1:49 p.m.25 views

CVE-2026-58656

Grav API plugin before v1.0.0-rc.16: accepts JWT tokens via the ?token= URL query parameter and replies with Access-Control-Allow-Origin: *, enabling unauthenticated cross-origin API requests. This can allow attackers who obtain a leaked JWT from logs/history to create persistent backdoor super-a...

8.7CVSS6AI score0.00271EPSS
Exploits0References2
euvd
euvd
added 2026/07/08 1:49 p.m.5 views

EUVD-2026-42265

The Grav API plugin getgrav/grav-plugin-api 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint /api/v1/users/user/avatar. The endpoint validates only the client-declared MIME type getClientMediaType beginning with 'image/' and does not inspect the actual file...

5.3CVSS6.7AI score0.00261EPSS
Exploits0References2
nvd
nvd
added 2026/06/15 8:16 p.m.10 views

CVE-2026-50869

An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request...

9.8CVSS0.00718EPSS
Exploits0References1
nvd
nvd
added 2026/06/15 8:16 p.m.24 views

CVE-2026-38329

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

9.8CVSS0.00627EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.25 views

PT-2026-49297

Bludit CMS before version 3.18.4 allows Remote Code Execution RCE via the API Plugin. The POST /api/files/key endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and...

6.3AI score0.00627EPSS
Exploits0References2
cve
cve
added 2026/06/15 12:0 a.m.19 views

CVE-2026-50869

CVE-2026-50869 relates to Bludit v3.19.0, where the api/plugin.php component is vulnerable to a directory traversal via a crafted request. The CVE entry documents a high-severity issue (CVSS 3.1: 9.8, CRITICAL) with network attack vector, no privileges required, and no user interaction. The affec...

9.8CVSS5.5AI score0.00718EPSS
Exploits0References1
cve
cve
added 2026/06/15 12:0 a.m.27 views

CVE-2026-38329

Bludit CMS is affected pre-3.18.4. The API Plugin's POST /api/files/{key} endpoint in bl-plugins/api/plugin.php fails authorization checks and lacks file extension validation, enabling an attacker with a valid API token to upload a PHP script and execute arbitrary code on the server (Remote Code ...

9.8CVSS6.3AI score0.00627EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:17 p.m.13 views

CVE-2026-42843

Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin UsersController::update allows any...

8.8CVSS5.5AI score0.0035EPSS
Exploits1References1
Rows per page
Query Builder