Lucene search
K

9 matches found

Veracode
Veracode
added 2025/12/13 7:8 a.m.68 views

Denial Of Service (DoS)

getgrav/grav is vulnerable to a Denial of Service DoS. The vulnerability is due to insufficient sanitization of the scheduledat parameter, which allows an attacker to inject malicious cron expressions e.g., a single quote and disrupt the admin panel functionality, leading to a denial of service...

4.9CVSS5.9AI score0.00339EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/02 10:31 p.m.5 views

CVE-2025-66303

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A Denial of Service DoS vulnerability has been identified in Grav related to the handling of scheduledat parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduledat...

4.9CVSS6.7AI score0.00339EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/02 12:36 a.m.4 views

EUVD-2025-200107

Grav is vulnerable to a DOS on the admin panel...

4.9CVSS6.4AI score0.00339EPSS
Exploits1References3
OSV
OSV
added 2025/12/02 12:36 a.m.2 views

GHSA-X62Q-P736-3997 Grav is vulnerable to a DOS on the admin panel

DOS on the admin panel Severity Rating: Medium Vector: Denial Of Service CVE: XXX CWE: 400 - Uncontrolled Resource Consumption CVSS Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Analysis A Denial of Service DoS vulnerability has been identified in the application related to...

4.9CVSS6.8AI score0.00339EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/12/02 12:36 a.m.8 views

Grav is vulnerable to a DOS on the admin panel

DOS on the admin panel Severity Rating: Medium Vector: Denial Of Service CVE: XXX CWE: 400 - Uncontrolled Resource Consumption CVSS Score: 4.9 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Analysis A Denial of Service DoS vulnerability has been identified in the application related to...

4.9CVSS6.8AI score0.00339EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2025/12/01 11:2 p.m.1 views

Denial of Service (DoS)

Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Denial of Service DoS via improper handling of the scheduledat parameter. An attacker can cause the admin panel to become non-functional by...

6.9CVSS7AI score0.00339EPSS
Exploits1References2
NVD
NVD
added 2025/12/01 10:15 p.m.7 views

CVE-2025-66303

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A Denial of Service DoS vulnerability has been identified in Grav related to the handling of scheduledat parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduledat...

4.9CVSS0.00339EPSS
Exploits1References2
OSV
OSV
added 2025/12/01 9:35 p.m.6 views

CVE-2025-66303 Grav is vulnerable to a DOS on the admin panel

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, A Denial of Service DoS vulnerability has been identified in Grav related to the handling of scheduledat parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the scheduledat...

4.9CVSS6.7AI score0.00339EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.8 views

PT-2025-48562

Name of the Vulnerable Software and Affected Versions Grav versions prior to 1.8.0-beta.27 Description Grav is susceptible to a Denial of Service DoS condition due to improper input sanitization of the scheduled at parameter when processing cron expressions. Manipulating this parameter with...

4.9CVSS6.6AI score0.00339EPSS
Exploits1References5
Rows per page
Query Builder