Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getgrav grav vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34452
Grav is a flat-file content management system. In versions 1.7.42 and prior, the "/forgot_password" page has a self-reflected cross-site scripting vulnerability that can be exploited by injecting a script into the "email" parameter of the request. While this v...
Getgrav Grav
3.5
CVSSv2
CVE-2022-0268
Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav before 1.7.28.
Getgrav Grav
3.5
CVSSv2
CVE-2022-0743
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav before 1.7.31.
Getgrav Grav
5.8
CVSSv2
CVE-2020-11529
Common/Grav.php in Grav prior to 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.
Getgrav Grav
6.5
CVSSv2
CVE-2022-2073
Code Injection in GitHub repository getgrav/grav before 1.7.34.
Getgrav Grav
3.5
CVSSv2
CVE-2022-1173
stored xss in GitHub repository getgrav/grav before 1.7.33.
Getgrav Grav
5
CVSSv2
CVE-2021-3818
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
Getgrav Grav
3.5
CVSSv2
CVE-2021-3904
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Getgrav Grav
5
CVSSv2
CVE-2021-3924
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Getgrav Grav
6.5
CVSSv2
CVE-2021-29440
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privile...
Getgrav Grav
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »