Getgrav Security Vulnerabilities

Each entry below gives the CVE identifier, the advisory summary, the CVSS score, the AI Score, the EPSS probability and the record date.

CVE-2023-31506
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX...
CVSS 5.4 | AI Score 5.1 | EPSS 0.0004 | Date 2024-02-09 07:15 AM

CVE-2024-34082
Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/*.yaml. This file stores hashed user password, 2FA secret, and the password...
CVSS 8.5 | AI Score 6.8 | EPSS 0.0004 | Date 2024-05-15 05:15 PM

CVE-2024-28119
Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to the unrestricted access to the Twig extension class from the Grav context, an attacker can redefine the escape function and execute arbitrary commands. Twig processing of static pages can be enabled in the front...
CVSS 8.8 | AI Score 9.1 | EPSS 0.0004 | Date 2024-03-21 10:15 PM

CVE-2024-28116
Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing...
CVSS 8.8 | AI Score 9 | EPSS 0.0004 | Date 2024-03-21 10:15 PM

CVE-2024-28118
Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to the unrestricted access to the Twig extension class from the Grav context, an attacker can redefine the config variable. As a result, an attacker can bypass a previous SSTI mitigation. Twig processing of static pages can...
CVSS 8.8 | AI Score 9.1 | EPSS 0.0004 | Date 2024-03-21 10:15 PM

CVE-2024-27921
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical security flaw poses...
CVSS 8.8 | AI Score 8.9 | EPSS 0.0004 | Date 2024-03-21 10:15 PM

CVE-2024-28117
Grav is an open-source, flat-file content management system. Prior to version 1.7.45, Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on Twig functions like twig_array_map, allowing attackers to bypass the validation and execute...
CVSS 8.8 | AI Score 9.2 | EPSS 0.0004 | Date 2024-03-21 10:15 PM

CVE-2024-27923
Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the frontmatter feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this...
CVSS 8.8 | AI Score 8.9 | EPSS 0.0004 | Date 2024-03-21 02:52 AM

CVE-2023-49146
DOMSanitizer (aka dom-sanitizer) before 1.0.7 allows XSS via an SVG document because of mishandling of comments and greedy regular...
CVSS 6.1 | AI Score 5.9 | EPSS 0.0005 | Date 2023-11-22 10:15 PM

CVE-2021-29439
The Grav admin plugin prior to version 1.10.11 does not correctly verify the caller's privileges. As a consequence, users with the permission admin.login can install third-party plugins and their dependencies. By installing the right plugin, an attacker can obtain an arbitrary code execution primitive...
CVSS 7.2 | AI Score 7.3 | EPSS 0.001 | Date 2021-04-13 08:15 PM

CVE-2023-34253
Grav is a flat-file content management system. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from being executed via injection of malicious templates was insufficient and could be easily subverted in multiple ways -- (1) using unsafe functions...
CVSS 8.8 | AI Score 7.3 | EPSS 0.007 | Date 2023-06-14 11:15 PM

CVE-2023-34252
Grav is a flat-file content management system. Prior to version 1.7.42, there is a logic flaw in the GravExtension.filterFilter() function whereby validation against a denylist of unsafe functions is only performed when the argument passed to filter is a string. However, passing an array as a...
CVSS 8.8 | AI Score 7.2 | EPSS 0.003 | Date 2023-06-14 10:15 PM

CVE-2023-37897
Grav is a file-based Web platform built in PHP. Grav is subject to a server side template injection (SSTI) vulnerability. The fix for another SSTI vulnerability using the |map, |filter and |reduce Twig filters, implemented in commit 71bbed1, introduces a bypass of the denylist due to an incorrect return value...
CVSS 8.8 | AI Score 8.9 | EPSS 0.001 | Date 2023-07-18 09:15 PM

CVE-2023-34251
Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains a fix for this...
CVSS 9.9 | AI Score 7.4 | EPSS 0.002 | Date 2023-06-14 10:15 PM

CVE-2023-34452
Grav is a flat-file content management system. In versions 1.7.42 and prior, the "/forgot_password" page has a self-reflected cross-site scripting vulnerability that can be exploited by injecting a script into the "email" parameter of the request. While this vulnerability can potentially allow an...
CVSS 6.1 | AI Score 6.3 | EPSS 0.001 | Date 2023-06-14 11:15 PM

CVE-2023-34448
Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default filter() function, did not block other built-in functions exposed by Twig's Core Extension that could be used to invoke...
CVSS 8.8 | AI Score 7.2 | EPSS 0.003 | Date 2023-06-14 11:15 PM

CVE-2021-29440
Grav is a file-based Web platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the...
CVSS 8.4 | AI Score 7.3 | EPSS 0.038 | Date 2021-04-13 08:15 PM

CVE-2021-21425
Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of the administrator controller without needing any credentials. Particular method execution will result in...
CVSS 9.8 | AI Score 9.4 | EPSS 0.756 | Date 2021-04-07 07:15 PM

CVE-2022-2073
Code Injection in GitHub repository getgrav/grav prior to...
CVSS 7.2 | AI Score 7 | EPSS 0.001 | Date 2022-06-29 07:15 PM

CVE-2022-1173
Stored XSS in GitHub repository getgrav/grav prior to...
CVSS 5.4 | AI Score 5.3 | EPSS 0.001 | Date 2022-04-26 04:15 PM

CVE-2022-0970
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to...
CVSS 5.4 | AI Score 5.2 | EPSS 0.001 | Date 2022-03-15 05:15 PM

CVE-2022-0743
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to...
CVSS 4.6 | AI Score 4.5 | EPSS 0.001 | Date 2022-02-28 11:15 PM

CVE-2022-0268
Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to...
CVSS 5.4 | AI Score 5.1 | EPSS 0.001 | Date 2022-01-25 11:15 AM

CVE-2021-3920
grav-plugin-admin is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site...
CVSS 5.4 | AI Score 5.4 | EPSS 0.001 | Date 2021-11-19 01:15 PM

CVE-2021-3924
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path...
CVSS 7.5 | AI Score 7.4 | EPSS 0.002 | Date 2021-11-05 03:15 PM

CVE-2021-3904
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site...
CVSS 5.4 | AI Score 5.3 | EPSS 0.001 | Date 2021-10-27 10:15 PM

CVE-2021-3818
grav is vulnerable to Reliance on Cookies without Validation and Integrity...
CVSS 5.3 | AI Score 5.2 | EPSS 0.001 | Date 2021-09-27 01:15 PM

CVE-2021-3799
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or...
CVSS 5.4 | AI Score 5.5 | EPSS 0.001 | Date 2021-09-27 01:15 PM

CVE-2020-29553
The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website...
CVSS 8.8 | AI Score 8.7 | EPSS 0.001 | Date 2021-03-15 07:15 PM

CVE-2020-29555
The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF...
CVSS 8.1 | AI Score 8.2 | EPSS 0.001 | Date 2021-03-15 06:15 PM

CVE-2020-29556
The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF...
CVSS 5.5 | AI Score 6.6 | EPSS 0.001 | Date 2021-03-15 06:15 PM

CVE-2020-11529
Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in...
CVSS 6.1 | AI Score 6.1 | EPSS 0.005 | Date 2020-04-04 07:15 PM

CVE-2019-16126
Grav through 1.6.15 allows (Stored) Cross-Site Scripting due to JavaScript execution in SVG...
CVSS 6.1 | AI Score 6 | EPSS 0.001 | Date 2019-09-09 02:15 AM

CVE-2018-5233
Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to...
CVSS 6.1 | AI Score 5.9 | EPSS 0.003 | Date 2018-03-19 09:29 PM