Known Vulnerabilities for Grav Cms by Getgrav
Listed below are 5 of the newest known vulnerabilities associated with "Grav Cms" by "Getgrav".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-29924 | Grav CMS v1.7.x and before is vulnerable to XML External Entity (XXE) through the SVG file upload functionality in the admin ... | Not Provided | 2026-03-30 | 2026-03-30 |
| CVE-2020-29556 | The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on th... | 5.5 - MEDIUM | 2021-03-15 | 2021-03-25 |
| CVE-2020-29555 | The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to delete arbitrary files on ... | 8.1 - HIGH | 2021-03-15 | 2021-03-25 |
| CVE-2020-29553 | The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiti... | 8.8 - HIGH | 2021-03-15 | 2021-03-18 |
| CVE-2019-16126 | Grav through 1.6.15 allows (Stored) Cross-Site Scripting due to JavaScript execution in SVG images. | 6.1 - MEDIUM | 2019-09-09 | 2019-09-09 |
| CVE-2018-5233 | Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attac... | 6.1 - MEDIUM | 2018-03-19 | 2018-04-17 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Getgrav | Grav Cms | 1.7.7 | All | All | All |
| Application | Getgrav | Grav Cms | 1.7.6 | All | All | All |
| Application | Getgrav | Grav Cms | 1.7.5 | All | All | All |
| Application | Getgrav | Grav Cms | 1.7.4 | All | All | All |
| Application | Getgrav | Grav Cms | 1.7.3 | All | All | All |
| Application | Getgrav | Grav Cms | 1.7.1 | All | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | - | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta1 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta10 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta2 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta3 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta4 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta5 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta6 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta7 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta8 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | beta9 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | rc1 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | rc10 | All | All |
| Application | Getgrav | Grav Cms | 1.7.0 | rc11 | All | All |