3 matches found
Exploit for Code Injection in Getgrav Grav
EN GenGravSSTIExploit is a PoC Python script that exploits...
CVE-2024-28116 Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection SSTI, which allows any authenticated user editor permissions are sufficient to execute arbitrary code on the remote server bypassing the existing securit...
CVE-2024-28116 Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection SSTI, which allows any authenticated user editor permissions are sufficient to execute arbitrary code on the remote server bypassing the existing securit...