Product: Grav (Getgrav)
Repositories: Unknown (this might be proprietary software).
Number of vulnerabilities: 24
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-03-21 | CVE-2024-28117 | Grav is an open-source, flat-file content management system. Prior to version 1.7.45, Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on Twig functions like twig_array_map, allowing attackers to bypass the validation and execute arbitrary commands. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this... | Grav | 8.8 | | |
2024-03-21 | CVE-2024-28118 | Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to unrestricted access to the Twig extension class from the Grav context, an attacker can redefine a config variable. As a result, an attacker can bypass a previous SSTI mitigation. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and... | Grav | 8.8 | | |
2024-03-21 | CVE-2024-28119 | Grav is an open-source, flat-file content management system. Prior to version 1.7.45, due to unrestricted access to the Twig extension class from the Grav context, an attacker can redefine the escape function and execute arbitrary commands. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the... | Grav | 8.8 | | |
2024-05-15 | CVE-2024-34082 | Grav is a file-based web platform. Prior to version 1.7.46, a low-privilege user account with page edit privilege can read any server file using Twig syntax. This includes Grav user account files (`/grav/user/accounts/*.yaml`). These files store the hashed user password, the 2FA secret, and the password reset token. This can allow an adversary to compromise any registered account and read any file on the web server by resetting a password for a user to get access to the password reset token from the... | Grav | 9.9 | | |
2021-04-13 | CVE-2021-29440 | Grav is a file-based web platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11. | Grav | 7.2 | | |
2021-09-27 | CVE-2021-3818 | Grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking. | Grav | 5.3 | | |
2021-10-27 | CVE-2021-3904 | Grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). | Grav | 5.4 | | |
2021-11-05 | CVE-2021-3924 | Grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'). | Grav | 7.5 | | |
2022-01-25 | CVE-2022-0268 | Stored Cross-site Scripting (XSS) in Packagist getgrav/grav prior to 1.7.28. | Grav | 5.4 | | |
2022-02-28 | CVE-2022-0743 | Stored Cross-site Scripting (XSS) in GitHub repository getgrav/grav prior to 1.7.31. | Grav | 4.6 | | |