Filters

Software

getgrav grav
17
getgrav grav cms
5
getgrav grav-plugin-admin
3
getgrav dom-sanitizer
1
getgrav grav admin
1

Getgrav GravXSS

medium
5.4
First published (updated )
CVE-2023-31506

Getgrav Dom-sanitizerXSS

medium
6.1
First published (updated )
CVE-2023-49146

Getgrav GravServer-side Template Injection (SSTI) in grav

high
8.8
First published (updated )
CVE-2023-37897

Getgrav GravCode Injection, Input Validation

high
8.8
First published (updated )
CVE-2023-34448

Getgrav GravCode Injection

high
8.8
First published (updated )
CVE-2023-34253

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Getgrav GravXSS

medium
6.1
First published (updated )
CVE-2023-34452

Getgrav GravCode Injection

critical
9.9
First published (updated )
CVE-2023-34251

Getgrav GravCode Injection

high
8.8
First published (updated )
CVE-2023-34252

Getgrav GravCode Injection in getgrav/grav

critical
9.1
First published (updated )
CVE-2022-2073

Getgrav Gravstored xss in getgrav/grav

high
8.2
First published (updated )
CVE-2022-1173

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Getgrav GravCross-site Scripting (XSS) - Stored in getgrav/grav

high
7.1
First published (updated )
CVE-2022-0970

Getgrav GravCross-site Scripting (XSS) - Stored in getgrav/grav

medium
4.6
First published (updated )
CVE-2022-0743

Getgrav GravCross-site Scripting (XSS) - Stored in getgrav/grav

medium
5.7
First published (updated )
CVE-2022-0268

Getgrav Grav-plugin-adminCross-site Scripting (XSS) - Stored in getgrav/grav-plugin-admin

medium
5.4
First published (updated )
CVE-2021-3920

Getgrav GravPath Traversal in getgrav/grav

high
8.8
First published (updated )
CVE-2021-3924

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Getgrav GravCross-site Scripting (XSS) - Stored in getgrav/grav

medium
6.3
First published (updated )
CVE-2021-3904

Getgrav GravReliance on Cookies without Validation and Integrity Checking in getgrav/grav

medium
6.3
First published (updated )
CVE-2021-3818

Getgrav Grav-plugin-adminImproper Restriction of Rendered UI Layers or Frames in getgrav/grav-plugin-admin

medium
5.8
First published (updated )
CVE-2021-3799

Getgrav GravTwig allowing dangerous PHP functions by default

high
8.4
First published (updated )
CVE-2021-29440

Getgrav Grav AdminPlugins can be installed with minimal admin privileges

high
7.2
First published (updated )
CVE-2021-29439

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Getgrav Grav-plugin-adminUnauthenticated Arbitrary YAML Write/Update leads to Code Execution

critical
9.8
First published (updated )
CVE-2021-21425

Getgrav Grav CmsCSRF

high
8.8
First published (updated )
CVE-2020-29553

Getgrav Grav CmsPath Traversal, CSRF

high
8.1
First published (updated )
CVE-2020-29555

Getgrav Grav CmsPath Traversal, CSRF

medium
5.5
First published (updated )
CVE-2020-29556

Getgrav GravCommon/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still…

medium
6.1
First published (updated )
CVE-2020-11529

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Getgrav Grav CmsXSS

medium
6.1
First published (updated )
CVE-2019-16126

Getgrav Grav CmsXSS

medium
6.1
First published (updated )
CVE-2018-5233

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203