favicon
Grav

CPE Prefix

General information

Website
Description
Grav is a free software, self-hosted content management system (CMS) written in the PHP programming language and based on the Symfony web application framework. It uses a flat file database for both backend and frontend. Grav is designed to have a shallow learning curve, and to be easy to set up.
Organization
Repository
Versions Page
Release Date
Jul 30, 2014

Domains using this technology

19.3K
Domain
Security Score
Security Score analyzes found vulnerabilities and indicates a lower or higher risk level of the potential attacks.
Site Title
DNS A record
www.abolis.fr favicon
www.abolis.fr
200
OK
Low
100 / 100 - Low security risk
301 Moved Permanently
-
-
klonk-clan.de favicon
klonk-clan.de
200
OK
Medium
57 / 100 - Medium security risk
Wilkommen | Förderverein Jugendtreff Mutterstadt e.V.
-
-
leonardo.szepmuveszeti.hu favicon
leonardo.szepmuveszeti.hu
200
OK
Low
100 / 100 - Low security risk
Home | Leonardo Project
-
-
swen.fairrats.eu favicon
swen.fairrats.eu
200
OK
Low
100 / 100 - Low security risk
301 Moved Permanently
-
-

IPv4 hosts using this technology

1.8K
IP
Security Score
Security Score analyzes found vulnerabilities and indicates a lower or higher risk level of the potential attacks.
Open Ports
Hosted domains
Country
Low
100 / 100 - Low security risk
2
Medium
57 / 100 - Medium security risk
2
Low
100 / 100 - Low security risk
2
Critical
0 / 100 - Critical security risk
4

Known vulnerabilities

2
CVE ID
Severity
Description
MEDIUM
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11.
MEDIUM
Common/Grav.php in Grav before 1.7 has an Open Redirect. This is partially fixed in 1.6.23 and still present in 1.6.x.