Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getgrav grav vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34448
Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension tha...
Getgrav Grav
NA
CVE-2023-34452
Grav is a flat-file content management system. In versions 1.7.42 and prior, the "/forgot_password" page has a self-reflected cross-site scripting vulnerability that can be exploited by injecting a script into the "email" parameter of the request. While this v...
Getgrav Grav
312
VMScore
CVE-2021-3904
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Getgrav Grav
445
VMScore
CVE-2021-3924
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Getgrav Grav
312
VMScore
CVE-2022-1173
stored xss in GitHub repository getgrav/grav before 1.7.33.
Getgrav Grav
NA
CVE-2023-31506
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated malicious users to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element.
Getgrav Grav
578
VMScore
CVE-2022-2073
Code Injection in GitHub repository getgrav/grav before 1.7.34.
Getgrav Grav
312
VMScore
CVE-2022-0743
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav before 1.7.31.
Getgrav Grav
312
VMScore
CVE-2022-0268
Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav before 1.7.28.
Getgrav Grav
312
VMScore
CVE-2022-0970
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav before 1.7.31.
Getgrav Grav
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »