| 0 |
| url |
VCID-19nj-98jv-77ah |
| vulnerability_id |
VCID-19nj-98jv-77ah |
| summary |
Grav is vulnerable to Stored XSS through authenticated user-edited content
grav before v1.7.49.5 has a Stored Cross-Site Scripting (Stored XSS) vulnerability in the page editing functionality. An authenticated low-privileged user with permission to edit content can inject malicious JavaScript payloads into editable fields. The payload is stored on the server and later executed when any other user views or edits the affected page. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.8.0-beta.1 |
| purl |
pkg:composer/getgrav/grav@1.8.0-beta.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 1 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 2 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 3 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 4 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 5 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 6 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 7 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 8 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 9 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 10 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 11 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 12 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 13 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 14 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 15 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 16 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 17 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 18 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.8.0-beta.1 |
|
|
| aliases |
CVE-2025-66843, GHSA-mh85-44c2-3m97
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-19nj-98jv-77ah |
|
| 1 |
| url |
VCID-1bjq-3mkn-zyga |
| vulnerability_id |
VCID-1bjq-3mkn-zyga |
| summary |
|
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.34 |
| purl |
pkg:composer/getgrav/grav@1.7.34 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 3 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 4 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 5 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 6 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 7 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 8 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 9 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 10 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 11 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 12 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 13 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 14 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 15 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 16 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 17 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 18 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 19 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 20 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 21 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 22 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 23 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 24 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 25 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 26 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 27 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 28 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 29 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 30 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 31 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 32 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 33 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 34 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 35 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.34 |
|
|
| aliases |
CVE-2022-2073, GHSA-cxgw-r5jg-7xwq
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1bjq-3mkn-zyga |
|
| 2 |
| url |
VCID-2qtw-9wf6-nudj |
| vulnerability_id |
VCID-2qtw-9wf6-nudj |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.31 |
| purl |
pkg:composer/getgrav/grav@1.7.31 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 3 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 4 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 5 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 6 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 7 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 8 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 9 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 10 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 11 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 12 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 13 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 14 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 15 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 16 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 17 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 18 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 19 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 20 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 21 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 22 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 23 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 24 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 25 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 26 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 27 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 28 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 29 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 30 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 31 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 32 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 33 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 34 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 35 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 36 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 37 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.31 |
|
|
| aliases |
CVE-2022-0743, GHSA-2p89-ppc2-mrq4
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2qtw-9wf6-nudj |
|
| 3 |
| url |
VCID-2wpd-95xv-6kde |
| vulnerability_id |
VCID-2wpd-95xv-6kde |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.44 |
| purl |
pkg:composer/getgrav/grav@1.7.44 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 4 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 5 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 6 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 7 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 8 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 9 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 10 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 11 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 12 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 13 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 14 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 15 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 16 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 17 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 18 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 19 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 20 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 21 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 22 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 23 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 24 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 25 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 26 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 27 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 28 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.44 |
|
|
| aliases |
CVE-2023-31506, GHSA-xrf8-cmrg-7436
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2wpd-95xv-6kde |
|
| 4 |
| url |
VCID-2ye1-e9dh-1bay |
| vulnerability_id |
VCID-2ye1-e9dh-1bay |
| summary |
Improper Control of Generation of Code ('Code Injection')
Grav is a file-based Web platform. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from being executed via injection of malicious templates was insufficient and could be easily subverted in multiple ways -- (1) using unsafe functions that are not banned, (2) using capitalised callable names, and (3) using fully-qualified names for referencing callables. Consequently, a low privileged attacker with login access to Grav Admin panel and page creation/update permissions is able to inject malicious templates to obtain remote code execution. A patch in version 1.7.42 improves the denylist. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.42 |
| purl |
pkg:composer/getgrav/grav@1.7.42 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 3 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 4 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 5 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 6 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 7 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 8 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 9 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 10 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 11 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 12 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 13 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 14 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 15 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 16 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 17 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 18 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 19 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 20 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 21 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 22 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 23 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 24 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 25 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 26 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 27 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 28 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 29 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 30 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 31 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.42 |
|
|
| aliases |
CVE-2023-34253, GHSA-j3v8-v77f-fvgm
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2ye1-e9dh-1bay |
|
| 5 |
| url |
VCID-44z6-1fhy-tydk |
| vulnerability_id |
VCID-44z6-1fhy-tydk |
| summary |
Improper Control of Generation of Code ('Code Injection')
Grav is a file-based Web platform. Prior to version 1.7.42, there is a logic flaw in the `GravExtension.filterFilter()` function whereby validation against a denylist of unsafe functions is only performed when the argument passed to filter is a string. However, passing an array as a callable argument allows the validation check to be skipped. Consequently, a low privileged attacker with login access to Grav Admin panel and page creation/update permissions is able to inject malicious templates to obtain remote code execution. The vulnerability can be found in the `GravExtension.filterFilter()` function declared in `/system/src/Grav/Common/Twig/Extension/GravExtension.php`. Version 1.7.42 contains a patch for this issue. End users should also ensure that `twig.undefined_functions` and `twig.undefined_filters` properties in `/path/to/webroot/system/config/system.yaml` configuration file are set to `false` to disallow Twig from treating undefined filters/functions as PHP functions and executing them. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.42 |
| purl |
pkg:composer/getgrav/grav@1.7.42 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 3 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 4 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 5 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 6 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 7 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 8 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 9 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 10 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 11 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 12 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 13 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 14 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 15 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 16 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 17 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 18 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 19 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 20 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 21 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 22 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 23 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 24 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 25 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 26 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 27 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 28 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 29 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 30 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 31 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.42 |
|
|
| aliases |
CVE-2023-34252, GHSA-96xv-rmwj-6p9w
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-44z6-1fhy-tydk |
|
| 6 |
| url |
VCID-4jar-dkfg-73cj |
| vulnerability_id |
VCID-4jar-dkfg-73cj |
| summary |
Grav is Vulnerable to Security Sandbox Bypass with SSTI (Server Side Template Injection)
Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66299, GHSA-gjc5-8cfh-653x
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4jar-dkfg-73cj |
|
| 7 |
| url |
VCID-56q7-vxfn-1fdh |
| vulnerability_id |
VCID-56q7-vxfn-1fdh |
| summary |
Grav Admin Plugin vulnerable to User Enumeration & Email Disclosure
A **user enumeration and email disclosure vulnerability** exists in Grav **v1.7.49.5** with Admin plugin **v1.10.49.1**.
The "Forgot Password" functionality at `/admin/forgot` leaks information about valid usernames and their associated email addresses through distinct server responses.
This allows an attacker to enumerate users and disclose sensitive email addresses, which can be leveraged for targeted attacks such as password spraying, phishing, or social engineering. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66307, GHSA-q3qx-cp62-f6m7
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-56q7-vxfn-1fdh |
|
| 8 |
| url |
VCID-5u55-gd8a-u3ec |
| vulnerability_id |
VCID-5u55-gd8a-u3ec |
| summary |
|
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/r4vanan/Stored-xss-Grav-v1.7.45 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
2.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T15:42:33Z/ |
|
|
| url |
https://github.com/r4vanan/Stored-xss-Grav-v1.7.45 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.46 |
| purl |
pkg:composer/getgrav/grav@1.7.46 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 4 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 5 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 6 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 7 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 8 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 9 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 10 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 11 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 12 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 13 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 14 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 15 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 16 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 17 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 18 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 19 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 20 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 21 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.46 |
|
|
| aliases |
CVE-2024-35498, GHSA-m78c-qx99-mvw9
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5u55-gd8a-u3ec |
|
| 9 |
| url |
VCID-6d91-btd1-g7fm |
| vulnerability_id |
VCID-6d91-btd1-g7fm |
| summary |
Grav vulnerable to Information Disclosure via IDOR in Grav Admin Panel
An **IDOR (Insecure Direct Object Reference)** vulnerability in the Grav CMS Admin Panel allows **low-privilege users to access sensitive information** from other accounts.
Although direct account takeover is not possible, **admin email addresses and other metadata can be exposed**, increasing the risk of phishing, credential stuffing, and social engineering. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66306, GHSA-4cwq-j7jv-qmwg
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6d91-btd1-g7fm |
|
| 10 |
| url |
VCID-6u43-vkkb-vydt |
| vulnerability_id |
VCID-6u43-vkkb-vydt |
| summary |
Grav is vulnerable to Arbitrary File Read
- A low privilege user account with page editing privilege can read any server files using "Frontmatter" form.
- This includes Grav user account files - /grav/user/accounts/*.yaml. These files store the hashed user password, the 2FA secret, and the password reset token.
- This can allow an adversary to compromise any registered account by resetting a password for a user to get access to the password reset token from the file or by cracking the hashed password. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66300, GHSA-p4ww-mcp9-j6f2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6u43-vkkb-vydt |
|
| 11 |
| url |
VCID-7wp3-csun-8khc |
| vulnerability_id |
VCID-7wp3-csun-8khc |
| summary |
Grav has Broken Access Control which allows an Editor to modify the page's YAML Frontmatter to alter form processing actions
Due to a broken access control vulnerability in the `/admin/pages/{page_name}` endpoint, an editor (a user with full permissions to pages) can change the functionality of a form after submission. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66301, GHSA-v8x2-fjv7-8hjh
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7wp3-csun-8khc |
|
| 12 |
| url |
VCID-85xt-1hrm-7yan |
| vulnerability_id |
VCID-85xt-1hrm-7yan |
| summary |
Grav Exposes Password Hashes Leading to privilege escalation
# Exposure of Password Hashes Leading to privilege escalation
**Severity Rating:** Medium
**Vector:** Privilege Escalation
**CVE:** XXX
**CWE:** 200 - Exposure of Sensitive Information
**CVSS Score:** 6.2
**CVSS Vector:** CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
## Analysis
It was observed that a user who is given read access to the user account management section of the admin panel can view the password hashes of all users, including the admin user. This exposure can potentially lead to privilege escalation if an attacker can crack these password hashes.
An attacker with read access can:
* View and potentially crack the password hashes.
* Gain administrative access by cracking the admin password hash.
* Escalate privileges and compromise the entire admin panel.
## Proof of Concept
1) Give read access to user accounts to a random user as shown in the following figures:
2) Log in to the admin panel with an account that has read access to user accounts and navigate to the user account management section.
3) Go to the admin profile `http://127.0.0.1/admin/accounts/users/admin`; the password is not displayed. Inspect the page source code as shown in the following figures:
You can see that it matches the hash in the admin.yaml file:
4) Crack the hash as shown in the following figure; the algorithm used here is bcrypt:
## Workarounds
No workaround is currently known
# Timeline
**2024-07-24** Issue identified
**2024-09-27** Vendor contacted
# About X41 D-Sec GmbH
X41 is an expert provider for application security services. Having extensive industry experience and expertise in the area of information security, a strong core security team of world class security experts enables X41 to perform premium security services. Fields of expertise in the area of application security are security centered code reviews, binary reverse engineering and vulnerability discovery. Custom research and IT security consulting and support services are core competencies of X41. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66304, GHSA-gq3g-666w-7h85
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-85xt-1hrm-7yan |
|
| 13 |
| url |
VCID-86hj-eehc-k3ft |
| vulnerability_id |
VCID-86hj-eehc-k3ft |
| summary |
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.24 |
| purl |
pkg:composer/getgrav/grav@1.7.24 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 14 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 15 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 16 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 17 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 18 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 19 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 20 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 21 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 22 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 23 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 24 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 25 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 26 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 27 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 28 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 29 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 30 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 31 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 32 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 33 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 34 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 35 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 36 |
| vulnerability |
VCID-vam8-t26t-hbak |
|
| 37 |
| vulnerability |
VCID-vj8k-z2e8-w3gw |
|
| 38 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 39 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 40 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 41 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.24 |
|
|
| aliases |
CVE-2021-3904, GHSA-5jxc-hmqf-3f73
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-86hj-eehc-k3ft |
|
| 14 |
| url |
VCID-8vcs-7bzg-v7a1 |
| vulnerability_id |
VCID-8vcs-7bzg-v7a1 |
| summary |
Improper Control of Generation of Code ('Code Injection')
Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, does not block other built-in functions exposed by Twig's Core Extension that could be used to invoke arbitrary unsafe functions, thereby allowing for remote code execution. A patch in version 1.74.2 overrides the built-in Twig `map()` and `reduce()` filter functions in `system/src/Grav/Common/Twig/Extension/GravExtension.php` to validate the argument passed to the filter in `$arrow`. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.42 |
| purl |
pkg:composer/getgrav/grav@1.7.42 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 3 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 4 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 5 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 6 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 7 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 8 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 9 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 10 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 11 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 12 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 13 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 14 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 15 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 16 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 17 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 18 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 19 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 20 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 21 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 22 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 23 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 24 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 25 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 26 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 27 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 28 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 29 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 30 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 31 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.42 |
|
|
| aliases |
CVE-2023-34448, GHSA-whr7-m3f8-mpm8
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8vcs-7bzg-v7a1 |
|
| 15 |
| url |
VCID-9ae4-j22r-zybf |
| vulnerability_id |
VCID-9ae4-j22r-zybf |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
stored xss in GitHub repository getgrav/grav prior to 1.7.33. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.33 |
| purl |
pkg:composer/getgrav/grav@1.7.33 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 3 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 4 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 5 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 6 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 7 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 8 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 9 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 10 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 11 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 12 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 13 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 14 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 15 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 16 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 17 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 18 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 19 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 20 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 21 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 22 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 23 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 24 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 25 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 26 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 27 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 28 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 29 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 30 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 31 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 32 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 33 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 34 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 35 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 36 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.33 |
|
|
| aliases |
CVE-2022-1173, GHSA-3p5m-j98p-c698
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9ae4-j22r-zybf |
|
| 16 |
| url |
VCID-az1h-2gqk-qfet |
| vulnerability_id |
VCID-az1h-2gqk-qfet |
| summary |
Grav CMS is vulnerable to Cross Site Scripting (XSS) in the page editor
Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page editor allows authenticated users to edit page content via a Markdown editor. The editor fails to properly sanitize <script> tags, allowing stored XSS payloads to execute when pages are viewed in the admin interface. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/getgrav/grav |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 2 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:31:02Z/ |
|
|
| url |
https://github.com/getgrav/grav |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.49.1 |
| purl |
pkg:composer/getgrav/grav@1.7.49.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 4 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 5 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 6 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 7 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 8 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 9 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 10 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 11 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 12 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 13 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 14 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 15 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 16 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 17 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 18 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 19 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 20 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.49.1 |
|
|
| aliases |
CVE-2025-65186, GHSA-cchq-397m-q2qm
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-az1h-2gqk-qfet |
|
| 17 |
| url |
VCID-bhy6-j9pb-dfhs |
| vulnerability_id |
VCID-bhy6-j9pb-dfhs |
| summary |
Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the _Grav_ application. This vulnerability allows attackers to inject malicious scripts into the `data[header][template]` parameter. The script is saved within the page's frontmatter and executed automatically whenever the affected content is rendered in the administrative interface or frontend view.
--- |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66310, GHSA-7g78-5g5g-mvfj
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bhy6-j9pb-dfhs |
|
| 18 |
| url |
VCID-bren-f4n9-cyhk |
| vulnerability_id |
VCID-bren-f4n9-cyhk |
| summary |
Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
Grav CMS is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing security sandbox. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.45 |
| purl |
pkg:composer/getgrav/grav@1.7.45 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 4 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 5 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 6 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 7 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 8 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 9 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 10 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 11 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 12 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 13 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 14 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 15 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 16 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 17 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 18 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 19 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 20 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 21 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 22 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 23 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.45 |
|
|
| aliases |
CVE-2024-28116, GHSA-c9gp-64c4-2rrh
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bren-f4n9-cyhk |
|
| 19 |
| url |
VCID-dbkc-wpyr-7bcx |
| vulnerability_id |
VCID-dbkc-wpyr-7bcx |
| summary |
Grav vulnerable to Denial of Service via Improper Input Handling in 'Supported' Parameter
A Denial of Service (DoS) vulnerability was identified in the **"Languages"** submenu of the Grav **admin configuration panel** (`/admin/config/system`). Specifically, the `Supported` parameter fails to properly validate user input. If a malformed value is inserted—such as a single forward slash (`/`) or an XSS test string—it causes a fatal regular expression parsing error on the server.
This leads to application-wide failure due to the use of the `preg_match()` function with an **improperly constructed regular expression**, resulting in the following error:
`preg_match(): Unknown modifier 'o' File: /system/src/Grav/Common/Language/Language.php line 244`
Once triggered, the site becomes completely unavailable to all users.
--- |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66305, GHSA-m8vh-v6r6-w7p6
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dbkc-wpyr-7bcx |
|
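The "Unknown modifier" error quoted above is the signature of regex injection: a configured value is spliced unescaped into a `preg_match()` pattern, so a stray delimiter character ends the pattern early and the rest is parsed as modifiers. The following PHP script is an added illustration of that bug class and of the fix (allowlist the value, then `preg_quote()` it); it is not Grav's `Language.php`, and the pattern shape, function names and sample language codes are assumptions made for the example.

```php
<?php
// Added illustration of the regex-injection bug class behind CVE-2025-66305.
// Not Grav's own code: the pattern shape and function names are assumed.

declare(strict_types=1);

/** Vulnerable: configured codes are interpolated unescaped into the pattern. */
function buildLanguagePatternVulnerable(array $supported): string
{
    return '/^\/(' . implode('|', $supported) . ')(\/|$)/i';
}

/** Hardened: refuse anything that is not a plausible language tag, then quote it. */
function buildLanguagePatternHardened(array $supported): string
{
    $clean = [];
    foreach ($supported as $code) {
        // Allowlist for tags such as "en", "en-GB", "pt_BR"; everything else is refused.
        if (!is_string($code) || !preg_match('/^[a-z]{2,3}([_-][A-Za-z]{2,4})?$/', $code)) {
            throw new InvalidArgumentException('Invalid language code: ' . var_export($code, true));
        }
        $clean[] = preg_quote($code, '/');
    }
    return '/^\/(' . implode('|', $clean) . ')(\/|$)/i';
}

/** true on match, false on no match, null when the pattern itself fails to compile. */
function matchLanguage(string $pattern, string $path): ?bool
{
    $result = @preg_match($pattern, $path);   // suppress the warning, inspect the return value
    if ($result === false) {
        return null;                           // compile failure: in a web app this is the fatal path
    }
    return $result === 1;
}

function check(string $label, bool $ok): void
{
    echo ($ok ? 'PASS' : 'FAIL') . "  $label\n";
}

// Benign configuration (constructed sample): both builders behave the same.
$good = ['en', 'fr', 'de-CH'];
check('vulnerable matches /fr/blog', matchLanguage(buildLanguagePatternVulnerable($good), '/fr/blog') === true);
check('hardened matches /fr/blog',   matchLanguage(buildLanguagePatternHardened($good), '/fr/blog') === true);

// Malformed "Supported" value: a lone slash terminates the pattern early and the
// remaining characters are read as modifiers, so compilation fails at request time.
$bad = ['en', '/'];
check('vulnerable: pattern fails to compile', matchLanguage(buildLanguagePatternVulnerable($bad), '/en/') === null);

// The hardened builder refuses the value when the configuration is saved instead.
try {
    buildLanguagePatternHardened($bad);
    check('hardened rejects "/"', false);
} catch (InvalidArgumentException $e) {
    check('hardened rejects "/"', true);
}
```

Run with `php script.php` (PHP 8). The important design point is where the failure lands: the vulnerable builder only fails when a visitor's request reaches `preg_match()`, which takes the whole site down, whereas the hardened builder rejects the value in the admin form handler, before it is ever written to configuration.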
| 20 |
| url |
VCID-ex5k-rg9u-hubc |
| vulnerability_id |
VCID-ex5k-rg9u-hubc |
| summary |
|
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.0 |
| purl |
pkg:composer/getgrav/grav@1.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-86hj-eehc-k3ft |
|
| 14 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 15 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 16 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 17 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 18 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 19 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 20 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 21 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 22 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 23 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 24 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 25 |
| vulnerability |
VCID-hw64-fy9c-pkg8 |
|
| 26 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 27 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 28 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 29 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 30 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 31 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 32 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 33 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 34 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 35 |
| vulnerability |
VCID-s4jf-5czw-sqh5 |
|
| 36 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 37 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 38 |
| vulnerability |
VCID-tspv-3h2c-gqh4 |
|
| 39 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 40 |
| vulnerability |
VCID-vam8-t26t-hbak |
|
| 41 |
| vulnerability |
VCID-vj8k-z2e8-w3gw |
|
| 42 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 43 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 44 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 45 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.0 |
|
|
| aliases |
CVE-2020-29556, GHSA-r3rg-jrjq-w4mr
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ex5k-rg9u-hubc |
|
| 21 |
| url |
VCID-fc3k-zc91-pubu |
| vulnerability_id |
VCID-fc3k-zc91-pubu |
| summary |
Grav is vulnerable to RCE via SSTI through Twig Sandbox Bypass
A Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the `cleanDangerousTwig` method. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66294, GHSA-662m-56v4-3r8f
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fc3k-zc91-pubu |
|
| 22 |
| url |
VCID-fwqy-uxhw-r3h6 |
| vulnerability_id |
VCID-fwqy-uxhw-r3h6 |
| summary |
Grav vulnerable to Privilege Escalation and Authenticated Remote Code Execution via Twig Injection
A user with admin panel access and permissions to create or edit pages in Grav CMS can enable Twig processing in the page frontmatter. By injecting malicious Twig expressions, the user can escalate their privileges to admin or execute arbitrary system commands via the scheduler API. This results in both Privilege Escalation (PE) and Remote Code Execution (RCE) vulnerabilities. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66297, GHSA-858q-77wx-hhx6
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fwqy-uxhw-r3h6 |
|
| 23 |
| url |
VCID-g3hx-7nzv-ryhx |
| vulnerability_id |
VCID-g3hx-7nzv-ryhx |
| summary |
Grav vulnerable to Privilege Escalation in Grav Admin: Missing Username Uniqueness Check Allows Admin Account Takeover
A privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users.
A user with the create user permission can create a new account using the same username as an existing administrator account, set a new password/email, and then log in as that administrator. This effectively allows privilege escalation from limited user-manager permissions to full administrator access. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66296, GHSA-cjcp-qxvg-4rjm
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g3hx-7nzv-ryhx |
|
| 24 |
| url |
VCID-g8ke-p3q5-qyg5 |
| vulnerability_id |
VCID-g8ke-p3q5-qyg5 |
| summary |
Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` in Multiples parameters
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the _Grav_ application. This vulnerability allows attackers to inject malicious scripts into the `data[header][metadata]`, `data[header][taxonomy][category]`, and `data[header][taxonomy][tag]` parameters. These scripts are stored in the page frontmatter and executed automatically whenever the affected page is accessed or rendered in the administrative interface.
--- |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66311, GHSA-mpjj-4688-3fxg
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g8ke-p3q5-qyg5 |
|
| 25 |
| url |
VCID-gmdx-e7d2-sqba |
| vulnerability_id |
VCID-gmdx-e7d2-sqba |
| summary |
Grav is vulnerable to Cross-Site Scripting (XSS) Reflected endpoint /admin/pages/[page], parameter data[header][content][items], located in the "Blog Config" tab
A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/pages/[page]` endpoint of the _Grav_ application. This vulnerability allows attackers to inject malicious scripts into the `data[header][content][items]` parameter.
--- |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66309, GHSA-65mj-f7p4-wggq
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gmdx-e7d2-sqba |
|
| 26 |
| url |
VCID-hw64-fy9c-pkg8 |
| vulnerability_id |
VCID-hw64-fy9c-pkg8 |
| summary |
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.21 |
| purl |
pkg:composer/getgrav/grav@1.7.21 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-86hj-eehc-k3ft |
|
| 14 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 15 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 16 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 17 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 18 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 19 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 20 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 21 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 22 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 23 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 24 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 25 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 26 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 27 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 28 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 29 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 30 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 31 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 32 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 33 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 34 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 35 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 36 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 37 |
| vulnerability |
VCID-vam8-t26t-hbak |
|
| 38 |
| vulnerability |
VCID-vj8k-z2e8-w3gw |
|
| 39 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 40 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 41 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 42 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.21 |
|
|
| aliases |
CVE-2021-3818, GHSA-cg3q-59w7-rvc2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hw64-fy9c-pkg8 |
|
| 27 |
| url |
VCID-j5pg-v7n5-c3ah |
| vulnerability_id |
VCID-j5pg-v7n5-c3ah |
| summary |
Grav is vulnerable to Server-Side Template Injection (SSTI) via Forms
Having a simple form on site can reveal the whole Grav configuration details (including plugin configuration details) by using the correct POST payload. Sensitive information may be contained in the configuration details. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66298, GHSA-8535-hvm8-2hmv
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j5pg-v7n5-c3ah |
|
| 28 |
| url |
VCID-jjf3-4p3w-6keh |
| vulnerability_id |
VCID-jjf3-4p3w-6keh |
| summary |
Grav vulnerable to Path traversal / arbitrary YAML write via user creation leading to Account Takeover / System Corruption
When a user with privilege of user creation creates a new user through the Admin UI and supplies a username containing path traversal sequences (for example ..\Nijat or ../Nijat), Grav writes the account YAML file to an unintended path outside user/accounts/. The written YAML can contain account fields such as email, fullname, twofa_secret, and hashed_password. In my tests, I was able to cause the Admin UI to write the following content into arbitrary .yaml files (including files like email.yaml, system.yaml, or other site YAML files like admin.yaml) — demonstrating arbitrary YAML write / overwrite via the Admin UI.
Example observed content written by the Admin UI (test data):
username: ..\Nijat
state: enabled
email: EMAIL@gmail.com
fullname: 'Nijat Alizada'
language: en
content_editor: default
twofa_enabled: false
twofa_secret: RWVEIHC2AFVD6FCR6UHCO3DS4HWXKKDT
avatar: { }
hashed_password: $2y$10$wl9Ktv3vUmDKCt8o6u2oOuRZr1I04OE0YZf2sJ1QcAherbNnk1XVC
access:
site:
login: true |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66295, GHSA-h756-wh59-hhjv
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jjf3-4p3w-6keh |
|
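The two account-creation weaknesses above (the missing username uniqueness check in CVE-2025-66296 and the traversal sequences in the username in CVE-2025-66295) share one root cause: the username is used directly as a file name under `user/accounts/` without being validated as an identifier. The PHP class below is an added example of how a store can close both holes at once; it is not Grav's Admin plugin code, and the accounts directory layout (one `<username>.yaml` per account), the class and method names and the sample accounts are assumptions made for the illustration.

```php
<?php
// Added example for CVE-2025-66296 and CVE-2025-66295. Not Grav's own code:
// the one-YAML-per-user layout, class name and sample data are assumed.

declare(strict_types=1);

final class AccountStore
{
    private string $accountsDir;

    public function __construct(string $accountsDir)
    {
        $real = realpath($accountsDir);
        if ($real === false) {
            throw new RuntimeException("accounts directory does not exist: $accountsDir");
        }
        $this->accountsDir = $real;
    }

    /** Strict allowlist: a username is an opaque identifier, never a path fragment. */
    public static function isValidUsername(string $username): bool
    {
        return (bool) preg_match('/^[a-z0-9][a-z0-9_.-]{2,31}$/', $username)
            && !str_contains($username, '..');
    }

    /** Path the account would be written to, with a containment check as defence in depth. */
    public function accountPath(string $username): string
    {
        if (!self::isValidUsername($username)) {
            throw new InvalidArgumentException('invalid username: ' . var_export($username, true));
        }
        $path = $this->accountsDir . DIRECTORY_SEPARATOR . $username . '.yaml';
        // realpath() needs an existing file, so normalise the parent directory instead.
        if (realpath(dirname($path)) !== $this->accountsDir) {
            throw new RuntimeException('refusing to write outside the accounts directory');
        }
        return $path;
    }

    /** Create the account; refuses to clobber an existing one (case-insensitive). */
    public function create(string $username, array $fields): string
    {
        $path = $this->accountPath($username);
        foreach (glob($this->accountsDir . DIRECTORY_SEPARATOR . '*.yaml') ?: [] as $existing) {
            if (strcasecmp(basename($existing, '.yaml'), $username) === 0) {
                throw new RuntimeException("username already exists: $username");
            }
        }
        $yaml = '';
        foreach (['username' => $username] + $fields as $k => $v) {
            $yaml .= $k . ': ' . var_export((string) $v, true) . "\n";   // minimal YAML scalars
        }
        // 'x' mode has O_CREAT|O_EXCL semantics: fails if the file appeared in the meantime.
        $fh = @fopen($path, 'x');
        if ($fh === false) {
            throw new RuntimeException("username already exists: $username");
        }
        fwrite($fh, $yaml);
        fclose($fh);
        return $path;
    }
}

function check(string $label, bool $ok): void
{
    echo ($ok ? 'PASS' : 'FAIL') . "  $label\n";
}

$dir = sys_get_temp_dir() . '/accounts_' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
$store = new AccountStore($dir);

// Constructed sample data: an existing administrator account.
$store->create('admin', ['email' => 'admin@example.invalid', 'access' => 'admin']);

// Attempt 1: re-create "admin" with attacker-chosen credentials (the uniqueness bug).
try {
    $store->create('admin', ['email' => 'attacker@example.invalid']);
    check('duplicate "admin" rejected', false);
} catch (RuntimeException $e) {
    check('duplicate "admin" rejected', true);
}

// Attempt 2: traversal sequences in the username (the arbitrary YAML write bug).
foreach (['../Nijat', '..\\Nijat', '../../config/system'] as $evil) {
    check("traversal username rejected: $evil", !AccountStore::isValidUsername($evil));
}

// A normal user still works and lands inside the accounts directory.
$path = $store->create('editor1', ['email' => 'editor@example.invalid']);
check('normal user written under accounts dir', str_starts_with($path, realpath($dir)));
```

Run with `php script.php` (PHP 8). Three layers are deliberately redundant: the allowlist regex rejects separators and dot-dot sequences outright, the `realpath()` comparison catches anything the regex might miss on exotic filesystems, and `fopen(..., 'x')` makes the uniqueness check atomic so two concurrent requests cannot both create the same account.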
| 29 |
| url |
VCID-kagw-a2bj-fbec |
| vulnerability_id |
VCID-kagw-a2bj-fbec |
| summary |
Grav is vulnerable to a DOS on the admin panel
# DOS on the admin panel
**Severity Rating:** Medium
**Vector:** Denial Of Service
**CVE:** XXX
**CWE:** 400 - Uncontrolled Resource Consumption
**CVSS Score:** 4.9
**CVSS Vector:** CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
## Analysis
A Denial of Service (DoS) vulnerability has been identified in the application related to the handling of `scheduled_at` parameters. Specifically, the application fails to properly sanitize input for cron expressions. By manipulating the `scheduled_at` parameter with a malicious input, such as a single quote, the application admin panel becomes non-functional, causing significant disruptions to administrative operations.
The only way to recover from this issue is to manually access the host server and modify the `backup.yaml` file to correct the corrupted cron expression
## Proof of Concept
1) Change the value of `scheduled_at` parameter to `'` as shown in the following figures at the `http://127.0.0.1/admin/tools` endpoint, and observe the response in the second figure:

*Figure: Http request on tool endpoint*

*Figure: Http response on tool endpoint*
2) When trying to access the admin panel, the panel is broken as shown in the following figure. Additionally, the value change is reflected in the `backup.yaml` file, as shown in the second figure:

*Figure: Error message view*

*Figure: Backup.yaml file*
## Workarounds
No workaround is currently known
# Timeline
**2024-07-24** Issue identified
**2024-09-27** Vendor contacted
# About X41 D-Sec GmbH
X41 is an expert provider for application security services.
Having extensive industry experience and expertise in the area of information
security, a strong core security team of world class security experts enables
X41 to perform premium security services.
Fields of expertise in the area of application security are security centered
code reviews, binary reverse engineering and vulnerability discovery.
Custom research and IT security consulting and support services are core
competencies of X41. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66303, GHSA-x62q-p736-3997
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kagw-a2bj-fbec |
|
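The scheduler DoS above is a case of persisting an unvalidated value that a later code path parses strictly: once `'` is written into `backup.yaml`, every admin page load fails when the cron expression is parsed. The PHP script below is an added example of validating a five-field cron expression before it reaches the configuration file; it is not Grav's scheduler or backup code, and the field layout, the function names and the output file format are assumptions made for the illustration.

```php
<?php
// Added example of validating a cron expression before it is persisted,
// as a countermeasure to the backup-scheduler DoS (CVE-2025-66303).
// Not Grav's own code: the five-field layout and file format are assumed.

declare(strict_types=1);

/**
 * Validate a five-field cron expression (minute hour day-of-month month day-of-week).
 * Each field may be "*", a number, a range "a-b", a comma-separated list of those,
 * and any element may carry a "/step" suffix. Numbers must lie within the field's range.
 */
function isValidCronExpression(string $expr): bool
{
    $fields = preg_split('/\s+/', trim($expr));
    if ($fields === false || count($fields) !== 5) {
        return false;
    }
    $ranges = [[0, 59], [0, 23], [1, 31], [1, 12], [0, 7]];   // 7 == Sunday is widely accepted
    foreach ($fields as $i => $field) {
        [$min, $max] = $ranges[$i];
        foreach (explode(',', $field) as $part) {
            if (!preg_match('/^(\*|(\d{1,2})(?:-(\d{1,2}))?)(?:\/(\d{1,2}))?$/', $part, $m)) {
                return false;                       // quotes, letters, empty list elements, etc.
            }
            if ($m[1] !== '*') {
                $lo = (int) $m[2];
                $hi = isset($m[3]) && $m[3] !== '' ? (int) $m[3] : $lo;
                if ($lo < $min || $hi > $max || $lo > $hi) {
                    return false;
                }
            }
            if (isset($m[4]) && $m[4] !== '' && (int) $m[4] < 1) {
                return false;                       // "/0" never fires and breaks some parsers
            }
        }
    }
    return true;
}

/** Only a validated expression ever reaches the config file. */
function saveBackupSchedule(string $yamlPath, string $scheduledAt): void
{
    if (!isValidCronExpression($scheduledAt)) {
        throw new InvalidArgumentException('scheduled_at is not a valid cron expression');
    }
    file_put_contents($yamlPath, "scheduled_at: '" . $scheduledAt . "'\n");
}

function check(string $label, bool $ok): void
{
    echo ($ok ? 'PASS' : 'FAIL') . "  $label\n";
}

check('daily at 03:00',              isValidCronExpression('0 3 * * *'));
check('every 15 minutes on weekdays', isValidCronExpression('*/15 * * * 1-5'));
check('list of months',              isValidCronExpression('0 0 1 1,4,7,10 *'));
check('single quote rejected',       !isValidCronExpression("'"));
check('six fields rejected',         !isValidCronExpression('0 0 * * * *'));
check('hour 24 rejected',            !isValidCronExpression('0 24 * * *'));
check('inverted range rejected',     !isValidCronExpression('30-10 * * * *'));
check('empty list element rejected', !isValidCronExpression('1,,2 * * * *'));

// The PoC value from the advisory never reaches the file; a valid one does.
$tmp = tempnam(sys_get_temp_dir(), 'backup_');
try {
    saveBackupSchedule($tmp, "'");
    check('malicious scheduled_at not written', false);
} catch (InvalidArgumentException $e) {
    check('malicious scheduled_at not written', true);
}
saveBackupSchedule($tmp, '0 3 * * *');
check('valid schedule written', file_get_contents($tmp) === "scheduled_at: '0 3 * * *'\n");
unlink($tmp);
```

Run with `php script.php` (PHP 8). The validator is intentionally stricter than most cron parsers (no names such as `MON` or `@daily`); for a scheduler that persists admin input, rejecting an unusual but valid form is a far better failure mode than accepting a value that later crashes the panel.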
| 30 |
| url |
VCID-pez8-dv55-yuhx |
| vulnerability_id |
VCID-pez8-dv55-yuhx |
| summary |
|
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.46 |
| purl |
pkg:composer/getgrav/grav@1.7.46 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 4 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 5 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 6 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 7 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 8 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 9 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 10 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 11 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 12 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 13 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 14 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 15 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 16 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 17 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 18 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 19 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 20 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 21 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.46 |
|
|
| aliases |
CVE-2024-34082, GHSA-f8v5-jmfh-pr69
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pez8-dv55-yuhx |
|
| 31 |
| url |
VCID-qcr6-7bzg-dybt |
| vulnerability_id |
VCID-qcr6-7bzg-dybt |
| summary |
|
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.0 |
| purl |
pkg:composer/getgrav/grav@1.7.0 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-86hj-eehc-k3ft |
|
| 14 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 15 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 16 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 17 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 18 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 19 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 20 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 21 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 22 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 23 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 24 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 25 |
| vulnerability |
VCID-hw64-fy9c-pkg8 |
|
| 26 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 27 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 28 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 29 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 30 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 31 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 32 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 33 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 34 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 35 |
| vulnerability |
VCID-s4jf-5czw-sqh5 |
|
| 36 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 37 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 38 |
| vulnerability |
VCID-tspv-3h2c-gqh4 |
|
| 39 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 40 |
| vulnerability |
VCID-vam8-t26t-hbak |
|
| 41 |
| vulnerability |
VCID-vj8k-z2e8-w3gw |
|
| 42 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 43 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 44 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 45 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.0 |
|
|
| aliases |
CVE-2020-29555, GHSA-gpmf-q5jh-hjx4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qcr6-7bzg-dybt |
|
| 32 |
| url |
VCID-qx77-ytdb-v7fm |
| vulnerability_id |
VCID-qx77-ytdb-v7fm |
| summary |
Improper Control of Generation of Code ('Code Injection')
Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains a fix for this issue. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.42 |
| purl |
pkg:composer/getgrav/grav@1.7.42 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 3 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 4 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 5 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 6 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 7 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 8 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 9 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 10 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 11 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 12 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 13 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 14 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 15 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 16 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 17 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 18 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 19 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 20 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 21 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 22 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 23 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 24 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 25 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 26 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 27 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 28 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 29 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 30 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 31 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.42 |
|
|
| aliases |
CVE-2023-34251, GHSA-f9jf-4cp4-4fq5
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qx77-ytdb-v7fm |
|
| 33 |
| url |
VCID-rc74-mh6y-abez |
| vulnerability_id |
VCID-rc74-mh6y-abez |
| summary |
Server Side Template Injection (SSTI) via Twig escape handler
Due to the unrestricted access to twig extension class from grav context, an attacker can redefine the escape function and execute arbitrary commands. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.45 |
| purl |
pkg:composer/getgrav/grav@1.7.45 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 4 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 5 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 6 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 7 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 8 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 9 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 10 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 11 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 12 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 13 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 14 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 15 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 16 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 17 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 18 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 19 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 20 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 21 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 22 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 23 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.45 |
|
|
| aliases |
CVE-2024-28119, GHSA-2m7x-c7px-hp58
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rc74-mh6y-abez |
|
| 34 |
| url |
VCID-rejj-7zwj-pya6 |
| vulnerability_id |
VCID-rejj-7zwj-pya6 |
| summary |
Grav File Upload Path Traversal
Grav is vulnerable to a file upload path traversal vulnerability, that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerability can allow attackers to inject arbitrary code on the server, undermine integrity of backup files by overwriting existing backups or creating new ones, and exfiltrating sensitive data using CSS Injection exfiltration techniques. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.45 |
| purl |
pkg:composer/getgrav/grav@1.7.45 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 4 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 5 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 6 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 7 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 8 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 9 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 10 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 11 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 12 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 13 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 14 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 15 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 16 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 17 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 18 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 19 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 20 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 21 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 22 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 23 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.45 |
|
|
| aliases |
CVE-2024-27921, GHSA-m7hx-hw6h-mqmc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rejj-7zwj-pya6 |
|
| 35 |
| url |
VCID-rpt5-58d4-u3g2 |
| vulnerability_id |
VCID-rpt5-58d4-u3g2 |
| summary |
Return of Wrong Status Code
Grav is a file-based Web-platform built in PHP. Grav is subject to a server side template injection (SSTI) vulnerability. The fix for another SSTI vulnerability using `|map`, `|filter` and `|reduce` twigs implemented in the commit `71bbed1` introduces a bypass of the denylist due to an incorrect return value from `isDangerousFunction()`, which allows execution of the payload by prepending a double backslash (`\\`). The `isDangerousFunction()` check in version 1.7.42 and onwards returns `false` instead of `true` when the `\` symbol is found in the `$name`. This vulnerability can be exploited if the attacker has access to: 1. an Administrator account, or 2. a non-administrator user account that has Admin panel access and Create/Update page permissions. A fix for this vulnerability has been introduced in commit `b4c6210` and is included in release version `1.7.42.2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.42.2 |
| purl |
pkg:composer/getgrav/grav@1.7.42.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 3 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 4 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 5 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 6 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 7 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 8 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 9 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 10 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 11 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 12 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 13 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 14 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 15 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 16 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 17 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 18 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 19 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 20 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 21 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 22 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 23 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 24 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 25 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 26 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 27 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 28 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 29 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 30 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.42.2 |
|
| 1 |
|
|
| aliases |
CVE-2023-37897, GHSA-9436-3gmp-4f53
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rpt5-58d4-u3g2 |
|
| 36 |
| url |
VCID-s1my-pw99-bya8 |
| vulnerability_id |
VCID-s1my-pw99-bya8 |
| summary |
Server Side Template Injection (SSTI)
Due to the unrestricted access to twig extension class from grav context, an attacker can redefine config variable. As a result, attacker can bypass previous patch. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.45 |
| purl |
pkg:composer/getgrav/grav@1.7.45 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 4 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 5 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 6 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 7 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 8 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 9 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 10 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 11 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 12 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 13 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 14 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 15 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 16 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 17 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 18 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 19 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 20 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 21 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 22 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 23 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.45 |
|
|
| aliases |
CVE-2024-28118, GHSA-r6vw-8v8r-pmp4
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s1my-pw99-bya8 |
|
| 37 |
| url |
VCID-s4jf-5czw-sqh5 |
| vulnerability_id |
VCID-s4jf-5czw-sqh5 |
| summary |
|
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/getgrav/grav@1.7.12 |
| purl |
pkg:composer/getgrav/grav@1.7.12 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-86hj-eehc-k3ft |
|
| 14 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 15 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 16 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 17 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 18 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 19 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 20 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 21 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 22 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 23 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 24 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 25 |
| vulnerability |
VCID-hw64-fy9c-pkg8 |
|
| 26 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 27 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 28 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 29 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 30 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 31 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 32 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 33 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 34 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 35 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 36 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 37 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 38 |
| vulnerability |
VCID-vam8-t26t-hbak |
|
| 39 |
| vulnerability |
VCID-vj8k-z2e8-w3gw |
|
| 40 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 41 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 42 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 43 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.12 |
|
|
| aliases |
CVE-2021-29440, GHSA-g8r4-p96j-xfxc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s4jf-5czw-sqh5 |
|
| 38 |
| url |
VCID-sery-jtwk-d7he |
| vulnerability_id |
VCID-sery-jtwk-d7he |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.31 |
| purl |
pkg:composer/getgrav/grav@1.7.31 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 3 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 4 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 5 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 6 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 7 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 8 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 9 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 10 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 11 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 12 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 13 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 14 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 15 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 16 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 17 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 18 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 19 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 20 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 21 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 22 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 23 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 24 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 25 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 26 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 27 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 28 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 29 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 30 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 31 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 32 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 33 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 34 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 35 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 36 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 37 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.31 |
|
|
| aliases |
CVE-2022-0970, GHSA-r6hh-5g3q-wwgc
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sery-jtwk-d7he |
|
| 39 |
| url |
VCID-tfvd-w5cn-jug5 |
| vulnerability_id |
VCID-tfvd-w5cn-jug5 |
| summary |
Grav vulnerable to Path Traversal allowing server files backup
```
A path traversal vulnerability has been identified in Grav CMS, versions 1.7.49.5, allowing authenticated attackers
with administrative privileges to read arbitrary files on the underlying server filesystem. This vulnerability arises due
to insufficient input sanitization in the backup tool, where user-supplied paths are not properly restricted, enabling
access to files outside the intended webroot directory. The impact of this vulnerability depends on the privileges of
the user account running the application.
``` |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66302, GHSA-j422-qmxp-hv94
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tfvd-w5cn-jug5 |
|
| 40 |
| url |
VCID-tspv-3h2c-gqh4 |
| vulnerability_id |
VCID-tspv-3h2c-gqh4 |
| summary |
|
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.1 |
| purl |
pkg:composer/getgrav/grav@1.7.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-86hj-eehc-k3ft |
|
| 14 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 15 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 16 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 17 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 18 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 19 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 20 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 21 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 22 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 23 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 24 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 25 |
| vulnerability |
VCID-hw64-fy9c-pkg8 |
|
| 26 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 27 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 28 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 29 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 30 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 31 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 32 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 33 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 34 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 35 |
| vulnerability |
VCID-s4jf-5czw-sqh5 |
|
| 36 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 37 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 38 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 39 |
| vulnerability |
VCID-vam8-t26t-hbak |
|
| 40 |
| vulnerability |
VCID-vj8k-z2e8-w3gw |
|
| 41 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 42 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 43 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 44 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.1 |
|
|
| aliases |
CVE-2020-29553, GHSA-fqff-vcvx-68h3
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tspv-3h2c-gqh4 |
|
| 41 |
| url |
VCID-ue9g-26at-mqbe |
| vulnerability_id |
VCID-ue9g-26at-mqbe |
| summary |
Grav may be vulnerable to SSRF attack via Twig Templates
In grav <1.7.49.5, a SSRF (Server-Side Request Forgery) vector may be triggered via Twig templates when page content is processed by Twig and the configuration allows undefined PHP functions to be registered. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.8.0-beta.1 |
| purl |
pkg:composer/getgrav/grav@1.8.0-beta.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 1 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 2 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 3 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 4 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 5 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 6 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 7 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 8 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 9 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 10 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 11 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 12 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 13 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 14 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 15 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 16 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 17 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 18 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.8.0-beta.1 |
|
|
| aliases |
CVE-2025-66844, GHSA-729w-j79f-2c34
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ue9g-26at-mqbe |
|
| 42 |
|
| 43 |
| url |
VCID-vj8k-z2e8-w3gw |
| vulnerability_id |
VCID-vj8k-z2e8-w3gw |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.28 |
| purl |
pkg:composer/getgrav/grav@1.7.28 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-1bjq-3mkn-zyga |
|
| 2 |
| vulnerability |
VCID-2qtw-9wf6-nudj |
|
| 3 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 4 |
| vulnerability |
VCID-2ye1-e9dh-1bay |
|
| 5 |
| vulnerability |
VCID-44z6-1fhy-tydk |
|
| 6 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 7 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 8 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 9 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 10 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 11 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 12 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 13 |
| vulnerability |
VCID-8vcs-7bzg-v7a1 |
|
| 14 |
| vulnerability |
VCID-9ae4-j22r-zybf |
|
| 15 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 16 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 17 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 18 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 19 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 20 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 21 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 22 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 23 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 24 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 25 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 26 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 27 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 28 |
| vulnerability |
VCID-qx77-ytdb-v7fm |
|
| 29 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 30 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 31 |
| vulnerability |
VCID-rpt5-58d4-u3g2 |
|
| 32 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 33 |
| vulnerability |
VCID-sery-jtwk-d7he |
|
| 34 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 35 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 36 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 37 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 38 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
| 39 |
| vulnerability |
VCID-zh46-yhnw-3uek |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.28 |
|
|
| aliases |
CVE-2022-0268, GHSA-735v-wx75-xmmm
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vj8k-z2e8-w3gw |
|
| 44 |
| url |
VCID-vr9g-tuvu-5bfr |
| vulnerability_id |
VCID-vr9g-tuvu-5bfr |
| summary |
Server Side Template Injection (SSTI)
Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on twig functions like twig_array_map, allowing attackers to bypass the validation and execute arbitrary commands. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.45 |
| purl |
pkg:composer/getgrav/grav@1.7.45 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 2 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 3 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 4 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 5 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 6 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 7 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 8 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 9 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 10 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 11 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 12 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 13 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 14 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 15 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 16 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 17 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 18 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 19 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 20 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 21 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 22 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 23 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.45 |
|
|
| aliases |
CVE-2024-28117, GHSA-qfv4-q44r-g7rv
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vr9g-tuvu-5bfr |
|
| 45 |
| url |
VCID-xny2-wxag-1qds |
| vulnerability_id |
VCID-xny2-wxag-1qds |
| summary |
Grav Admin Plugin vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/config/site` parameter `data[taxonomies]`
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/config/site` endpoint of the _Grav_ application. This vulnerability allows attackers to inject malicious scripts into the `data[taxonomies]` parameter. The injected payload is stored on the server and automatically executed in the browser of any user who accesses the affected site configuration, resulting in a persistent attack vector. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66308, GHSA-gqxx-248x-g29f
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xny2-wxag-1qds |
|
| 46 |
| url |
VCID-yj5w-gv1w-c7gp |
| vulnerability_id |
VCID-yj5w-gv1w-c7gp |
| summary |
Grav Admin Plugin is vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/accounts/groups/[group]` parameter `data[readableName]`
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `/admin/accounts/groups/Grupo` endpoint of the _Grav_ application. This vulnerability allows attackers to inject malicious scripts into the `data[readableName]` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-66312, GHSA-rmw5-f87r-w988
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yj5w-gv1w-c7gp |
|
| 47 |
| url |
VCID-zh46-yhnw-3uek |
| vulnerability_id |
VCID-zh46-yhnw-3uek |
| summary |
Remote Code Execution by uploading a phar file using frontmatter
- Due to insufficient permission verification, a user who can write a page can use the frontmatter feature.
- Inadequate file name validation |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/getgrav/grav@1.7.43 |
| purl |
pkg:composer/getgrav/grav@1.7.43 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-19nj-98jv-77ah |
|
| 1 |
| vulnerability |
VCID-2wpd-95xv-6kde |
|
| 2 |
| vulnerability |
VCID-4jar-dkfg-73cj |
|
| 3 |
| vulnerability |
VCID-56q7-vxfn-1fdh |
|
| 4 |
| vulnerability |
VCID-5u55-gd8a-u3ec |
|
| 5 |
| vulnerability |
VCID-6d91-btd1-g7fm |
|
| 6 |
| vulnerability |
VCID-6u43-vkkb-vydt |
|
| 7 |
| vulnerability |
VCID-7wp3-csun-8khc |
|
| 8 |
| vulnerability |
VCID-85xt-1hrm-7yan |
|
| 9 |
| vulnerability |
VCID-az1h-2gqk-qfet |
|
| 10 |
| vulnerability |
VCID-bhy6-j9pb-dfhs |
|
| 11 |
| vulnerability |
VCID-bren-f4n9-cyhk |
|
| 12 |
| vulnerability |
VCID-dbkc-wpyr-7bcx |
|
| 13 |
| vulnerability |
VCID-fc3k-zc91-pubu |
|
| 14 |
| vulnerability |
VCID-fwqy-uxhw-r3h6 |
|
| 15 |
| vulnerability |
VCID-g3hx-7nzv-ryhx |
|
| 16 |
| vulnerability |
VCID-g8ke-p3q5-qyg5 |
|
| 17 |
| vulnerability |
VCID-gmdx-e7d2-sqba |
|
| 18 |
| vulnerability |
VCID-j5pg-v7n5-c3ah |
|
| 19 |
| vulnerability |
VCID-jjf3-4p3w-6keh |
|
| 20 |
| vulnerability |
VCID-kagw-a2bj-fbec |
|
| 21 |
| vulnerability |
VCID-pez8-dv55-yuhx |
|
| 22 |
| vulnerability |
VCID-rc74-mh6y-abez |
|
| 23 |
| vulnerability |
VCID-rejj-7zwj-pya6 |
|
| 24 |
| vulnerability |
VCID-s1my-pw99-bya8 |
|
| 25 |
| vulnerability |
VCID-tfvd-w5cn-jug5 |
|
| 26 |
| vulnerability |
VCID-ue9g-26at-mqbe |
|
| 27 |
| vulnerability |
VCID-vr9g-tuvu-5bfr |
|
| 28 |
| vulnerability |
VCID-xny2-wxag-1qds |
|
| 29 |
| vulnerability |
VCID-yj5w-gv1w-c7gp |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/getgrav/grav@1.7.43 |
|
|
| aliases |
CVE-2024-27923, GHSA-f6g2-h7qv-3m5v
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zh46-yhnw-3uek |
|