Количество 2
Количество 2
CVE-2024-27923
Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue.
GHSA-f6g2-h7qv-3m5v
Remote Code Execution by uploading a phar file using frontmatter
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-27923 Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue. | CVSS3: 8.8 | 7% Низкий | почти 2 года назад |
| GHSA-f6g2-h7qv-3m5v Remote Code Execution by uploading a phar file using frontmatter | 7% Низкий | почти 2 года назад |
Уязвимостей на страницу