Filter
-Infinity
0
Trending
Software
composer/getgrav/gravGrav Arbitrary File Read to Account Takeover
9.9
First published (updated )
composer/getgrav/gravGrav vulnerable to Server Side Template Injection (SSTI) via Twig escape handler
8.8
EPSS
0.04%
First published (updated )
composer/getgrav/gravGrav vulnerable to Server Side Template Injection (SSTI)
8.8
EPSS
0.04%
First published (updated )
composer/getgrav/gravGrav vulnerable to Server Side Template Injection (SSTI)
8.8
EPSS
0.04%
First published (updated )
composer/getgrav/gravServer-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
8.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/getgrav/gravGrav File Upload Path Traversal vulnerability
8.8
EPSS
0.04%
First published (updated )
composer/getgrav/gravRemote Code Execution by uploading a phar file using frontmatter
8.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GetgravGrav vulnerable to Self Cross Site Scripting in /forgot_password
6.1
First published (updated )
composer/getgrav/gravGrav Server-side Template Injection (SSTI) via Twig Default Filters
8.8
First published (updated )
GetgravGrav vulnerable to Server-side Template Injection (SSTI) via Denylist Bypass
8.8
First published (updated )
GetgravGrav Server-side Template Injection via Insufficient Validation in filterFilter
8.8
First published (updated )
composer/getgrav/gravGrav Server Side Template Injection vulnerability
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GetgravCross-site Scripting (XSS) - Stored in getgrav/grav
7.1
First published (updated )
GetgravCross-site Scripting (XSS) - Stored in getgrav/grav
4.6
First published (updated )
GetgravCross-site Scripting (XSS) - Stored in getgrav/grav
5.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GetgravCross-site Scripting (XSS) - Stored in getgrav/grav-plugin-admin
5.4
First published (updated )
GetgravCross-site Scripting (XSS) - Stored in getgrav/grav
6.3
First published (updated )
GetgravReliance on Cookies without Validation and Integrity Checking in getgrav/grav
6.3
First published (updated )
GetgravImproper Restriction of Rendered UI Layers or Frames in getgrav/grav-plugin-admin
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GetgravTwig allowing dangerous PHP functions by default
8.4
First published (updated )
GetgravPlugins can be installed with minimal admin privileges
7.2
First published (updated )
GetgravUnauthenticated Arbitrary YAML Write/Update leads to Code Execution
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.