9 matches found
Denial Of Service (DoS)
getgrav/grav is vulnerable to a Denial of Service DoS. The vulnerability is due to insufficient sanitization of the scheduledat parameter, which allows an attacker to inject malicious cron expressions e.g., a single quote and disrupt the admin panel functionality, leading to a denial of service...
CVE-2025-66303
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A Denial of Service DoS vulnerability has been identified in Grav related to the handling of scheduledat parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduledat...
EUVD-2025-200107
Grav is vulnerable to a DOS on the admin panel...
GHSA-X62Q-P736-3997 Grav is vulnerable to a DOS on the admin panel
DOS on the admin panel Severity Rating: Medium Vector: Denial Of Service CVE: XXX CWE: 400 - Uncontrolled Resource Consumption CVSS Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Analysis A Denial of Service DoS vulnerability has been identified in the application related to...
Grav is vulnerable to a DOS on the admin panel
DOS on the admin panel Severity Rating: Medium Vector: Denial Of Service CVE: XXX CWE: 400 - Uncontrolled Resource Consumption CVSS Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Analysis A Denial of Service DoS vulnerability has been identified in the application related to...
Denial of Service (DoS)
Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Denial of Service DoS via improper handling of the scheduledat parameter. An attacker can cause the admin panel to become non-functional by...
CVE-2025-66303
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A Denial of Service DoS vulnerability has been identified in Grav related to the handling of scheduledat parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduledat...
CVE-2025-66303 Grav is vulnerable to a DOS on the admin panel
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A Denial of Service DoS vulnerability has been identified in Grav related to the handling of scheduledat parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduledat...
PT-2025-48562
Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.8.0-beta.27 Description Grav is susceptible to a Denial of Service DoS condition due to improper input sanitization of the scheduled at parameter when processing cron expressions. Manipulating this parameter with...