Skip to main content

Grav Database Plugin CVE-2026-58492

| EUVDEUVD-2026-42947 CRITICAL
SQL Injection (CWE-89)
2026-07-10 GitHub_M
9.2
CVSS 4.0 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.7 HIGH

AC:H because exploitation depends on a consuming code path forwarding tainted table names; PR:N/UI:N as the flaw itself needs no auth, with high C/I and limited availability impact from arbitrary SQL.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jul 10, 2026 - 18:01 EUVD
Analysis Generated
Jul 10, 2026 - 16:54 vuln.today

DescriptionCVE.org

grav-plugin-database is the database plugin for Grav CMS. Prior to 1.2.0, the PDO::tableExists method interpolates its table argument directly into a raw SQL query string without sanitization, escaping, quoting, or whitelisting, allowing attacker-controlled table names passed by consuming plugin or developer code to execute arbitrary SQL against the configured database. This issue is fixed in version 1.2.0.

AnalysisAI

SQL injection in the Grav CMS Database plugin (grav-plugin-database) prior to 1.2.0 lets attacker-controlled table names reach a raw SQL query. The PDO::tableExists method interpolates its table argument directly into a query with no sanitization, escaping, quoting, or whitelisting, so any consuming plugin or developer code that forwards untrusted input into that method can execute arbitrary SQL against the configured database. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach plugin endpoint forwarding table name
Delivery
Submit crafted table-name with appended SQL
Exploit
Value interpolated into tableExists query
Execution
Arbitrary SQL executes on database
Impact
Read or modify database contents

Vulnerability AssessmentAI

Exploitation Exploitation requires a consuming Grav plugin or developer code path that passes attacker-controlled input as the table-name argument to the Database plugin's PDO::tableExists method - the vulnerable method does not receive untrusted input on its own, which is exactly the AT:P attack-requirement in the CVSS 4.0 vector. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals are mixed and should temper the raw 9.2 CVSS 4.0 score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A site runs a Grav plugin that accepts a table or dataset name from an HTTP request parameter and passes it to the database plugin's tableExists() before querying. An unauthenticated attacker submits a crafted value such as a table name containing appended SQL (e.g. …
Remediation Vendor-released patch: upgrade grav-plugin-database to 1.2.0 or later, which fixes the identifier injection in PDO::tableExists (release https://github.com/getgrav/grav-plugin-database/releases/tag/1.2.0, commit f6d058785c9e23df7efc5ea7556f8746fef286df, advisory GHSA-8jxg-4pw9-xcwf). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems running grav-plugin-database, document versions, and identify plugins or custom code consuming the PDO::tableExists method. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Grav

View all
CVE-2025-66294 HIGH POC
8.8 Dec 01

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists

CVE-2025-66301 CRITICAL POC
9.6 Dec 01

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, due to improper authorization checks when modifying critical

CVE-2025-50286 HIGH POC
8.1 Aug 06

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plug

CVE-2024-34082 CRITICAL POC
9.9 May 15

Grav is a file-based Web platform. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low a

CVE-2021-47812 CRITICAL POC
9.8 Jan 16

GravCMS 1.10.7 allows unauthenticated remote attackers to write arbitrary YAML configuration files, leading to full serv

CVE-2025-66297 HIGH POC
8.8 Dec 01

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a user with admin panel access and permissions to create or e

CVE-2025-66299 HIGH POC
8.8 Dec 01

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, Grav CMS is vulnerable to a Server-Side Template Injection (S

CVE-2024-28119 HIGH POC
8.8 Mar 21

Grav is an open-source, flat-file content management system. Rated high severity (CVSS 8.8), this vulnerability is remot

CVE-2024-28118 HIGH POC
8.8 Mar 21

Grav is an open-source, flat-file content management system. Rated high severity (CVSS 8.8), this vulnerability is remot

CVE-2024-28117 HIGH POC
8.8 Mar 21

Grav is an open-source, flat-file content management system. Rated high severity (CVSS 8.8), this vulnerability is remot

CVE-2024-28116 HIGH POC
8.8 Mar 21

Grav is an open-source, flat-file content management system. Rated high severity (CVSS 8.8), this vulnerability is remot

CVE-2024-27921 HIGH POC
8.8 Mar 21

Grav is an open-source, flat-file content management system. Rated high severity (CVSS 8.8), this vulnerability is remot

Share

CVE-2026-58492 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy