Packagist (Composer) package
getgrav/grav
pkg:composer/getgrav/grav
Vulnerabilities (64)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28116 | — | < 1.7.45 | 1.7.45 | Mar 21, 2024 | Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing | ||
| CVE-2024-27921 | — | < 1.7.45 | 1.7.45 | Mar 21, 2024 | Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical s | ||
| CVE-2024-27923 | — | < 1.7.43 | 1.7.43 | Mar 6, 2024 | Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue. | ||
| CVE-2023-31506 | — | >= 0 | — | Feb 9, 2024 | A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element. | ||
| CVE-2023-37897 | — | < 1.7.42.2 | 1.7.42.2 | Jul 18, 2023 | Grav is a file-based Web-platform built in PHP. Grav is subject to a server side template injection (SSTI) vulnerability. The fix for another SSTI vulnerability using `|map`, `|filter` and `|reduce` twigs implemented in the commit `71bbed1` introduces bypass of the denylist due t | ||
| CVE-2023-34448 | — | < 1.7.42 | 1.7.42 | Jun 14, 2023 | Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension that cou | ||
| CVE-2023-34253 | — | < 1.7.42 | 1.7.42 | Jun 14, 2023 | Grav is a flat-file content management system. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from being executed via injection of malicious templates was insufficient and could be easily subverted in multiple ways -- (1) using un | ||
| CVE-2023-34252 | — | < 1.7.42 | 1.7.42 | Jun 14, 2023 | Grav is a flat-file content management system. Prior to version 1.7.42, there is a logic flaw in the `GravExtension.filterFilter()` function whereby validation against a denylist of unsafe functions is only performed when the argument passed to filter is a string. However, passin | ||
| CVE-2023-34251 | — | < 1.7.42 | 1.7.42 | Jun 14, 2023 | Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains | ||
| CVE-2022-2073 | — | < 1.7.34 | 1.7.34 | Jun 29, 2022 | Code Injection in GitHub repository getgrav/grav prior to 1.7.34. | ||
| CVE-2022-1173 | — | < 1.7.33 | 1.7.33 | Apr 26, 2022 | stored xss in GitHub repository getgrav/grav prior to 1.7.33. | ||
| CVE-2022-0970 | — | < 1.7.31 | 1.7.31 | Mar 15, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31. | ||
| CVE-2022-0743 | — | < 1.7.31 | 1.7.31 | Feb 28, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31. | ||
| CVE-2022-0268 | — | < 1.7.28 | 1.7.28 | Jan 25, 2022 | Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28. | ||
| CVE-2021-3924 | — | <= 1.7.24 | — | Nov 5, 2021 | grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | ||
| CVE-2021-3904 | — | < 1.7.24 | 1.7.24 | Oct 27, 2021 | grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||
| CVE-2021-3818 | — | < 1.7.21 | 1.7.21 | Sep 27, 2021 | grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking | ||
| CVE-2021-29440 | — | < 1.7.11 | 1.7.11 | Apr 13, 2021 | Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privile | ||
| CVE-2020-29553 | — | >= 1.7.0-beta.1, <= 1.7.0-rc.17 | — | Mar 15, 2021 | The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website (CSRF). | ||
| CVE-2020-29555 | — | >= 1.7.0-beta.1, <= 1.7.0-rc.17 | — | Mar 15, 2021 | The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of C |
- CVE-2024-28116Mar 21, 2024affected < 1.7.45fixed 1.7.45
Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing
- CVE-2024-27921Mar 21, 2024affected < 1.7.45fixed 1.7.45
Grav is an open-source, flat-file content management system. A file upload path traversal vulnerability has been identified in the application prior to version 1.7.45, enabling attackers to replace or create files with extensions like .json, .zip, .css, .gif, etc. This critical s
- CVE-2024-27923Mar 6, 2024affected < 1.7.43fixed 1.7.43
Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue.
- CVE-2023-31506Feb 9, 2024affected >= 0
A cross-site scripting (XSS) vulnerability in Grav versions 1.7.44 and before, allows remote authenticated attackers to execute arbitrary web scripts or HTML via the onmouseover attribute of an ISINDEX element.
- CVE-2023-37897Jul 18, 2023affected < 1.7.42.2fixed 1.7.42.2
Grav is a file-based Web-platform built in PHP. Grav is subject to a server side template injection (SSTI) vulnerability. The fix for another SSTI vulnerability using `|map`, `|filter` and `|reduce` twigs implemented in the commit `71bbed1` introduces bypass of the denylist due t
- CVE-2023-34448Jun 14, 2023affected < 1.7.42fixed 1.7.42
Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension that cou
- CVE-2023-34253Jun 14, 2023affected < 1.7.42fixed 1.7.42
Grav is a flat-file content management system. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from being executed via injection of malicious templates was insufficient and could be easily subverted in multiple ways -- (1) using un
- CVE-2023-34252Jun 14, 2023affected < 1.7.42fixed 1.7.42
Grav is a flat-file content management system. Prior to version 1.7.42, there is a logic flaw in the `GravExtension.filterFilter()` function whereby validation against a denylist of unsafe functions is only performed when the argument passed to filter is a string. However, passin
- CVE-2023-34251Jun 14, 2023affected < 1.7.42fixed 1.7.42
Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the administrator screen by a user with page editing privileges. Version 1.7.42 contains
- CVE-2022-2073Jun 29, 2022affected < 1.7.34fixed 1.7.34
Code Injection in GitHub repository getgrav/grav prior to 1.7.34.
- CVE-2022-1173Apr 26, 2022affected < 1.7.33fixed 1.7.33
stored xss in GitHub repository getgrav/grav prior to 1.7.33.
- CVE-2022-0970Mar 15, 2022affected < 1.7.31fixed 1.7.31
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31.
- CVE-2022-0743Feb 28, 2022affected < 1.7.31fixed 1.7.31
Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31.
- CVE-2022-0268Jan 25, 2022affected < 1.7.28fixed 1.7.28
Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28.
- CVE-2021-3924Nov 5, 2021affected <= 1.7.24
grav is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE-2021-3904Oct 27, 2021affected < 1.7.24fixed 1.7.24
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2021-3818Sep 27, 2021affected < 1.7.21fixed 1.7.21
grav is vulnerable to Reliance on Cookies without Validation and Integrity Checking
- CVE-2021-29440Apr 13, 2021affected < 1.7.11fixed 1.7.11
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privile
- CVE-2020-29553Mar 15, 2021affected >= 1.7.0-beta.1, <= 1.7.0-rc.17
The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website (CSRF).
- CVE-2020-29555Mar 15, 2021affected >= 1.7.0-beta.1, <= 1.7.0-rc.17
The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of C
Page 3 of 4