binneko - Security Researcher - Exploit Intelligence Platform

CVE-2025-50286 NOMISEC HIGH WORKING POC

Grav CMS 1.7.48 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access.

1 stars

CVSS 8.1

View Code

CVE-2025-50286 NOMISEC HIGH WORKING POC

Grav CMS 1.7.48 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access.

CVSS 8.1

View Code

CVE-2025-46041 NOMISEC MEDIUM WRITEUP

Anchor CMS 0.12.7 - Stored Cross-Site Scripting via Page Description Field

A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description field in the page creation interface (/admin/pages/add).

CVSS 5.4

View Code

CVE-2025-50286 METASPLOIT HIGH ruby WORKING POC

Grav CMS 1.7.48 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access.

CVSS 8.1

View Code

CVE-2025-50286 EXPLOITDB HIGH text WORKING POC

Grav CMS 1.7.48 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access.

CVSS 8.1

View Code