Количество 2
Количество 2
CVE-2020-29556
почти 5 лет назад
The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection.)
CVSS3: 5.5
EPSS: Низкий
GHSA-r3rg-jrjq-w4mr
больше 3 лет назад
Grav CMS Local File Injection
CVSS3: 5.5
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-29556 The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an authenticated attacker to read arbitrary local files on the underlying server by exploiting a path-traversal technique. (This vulnerability can also be exploited by an unauthenticated attacker due to a lack of CSRF protection.) | CVSS3: 5.5 | 0% Низкий | почти 5 лет назад |
| GHSA-r3rg-jrjq-w4mr Grav CMS Local File Injection | CVSS3: 5.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу
20