Vulnerabilities

CVE-2020-29553

March 18, 2021

The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website (CSRF).

Summary:

The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website (CSRF).

Reference Links(if available):

https://blog.bssi.fr/cve-2020-29553-cve-2020-29555-cve-2020-29556-multiple-vulnerabilities-within-cms-grav/

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Brute Ratel C4 Detected – 52[.]193[.]97[.]60:80

November 16, 2024

CISA

CISA: CISA Releases One Industrial Control Systems Advisory

November 16, 2024

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

November 16, 2024

CISA

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

November 16, 2024

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

November 16, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Brute Ratel C4 Detected – 52[.]193[.]97[.]60:80

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog