Vulnerabilities > CVE-2020-19625 - Unspecified vulnerability in Gridx Project Gridx 1.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

gridx-project

NVD

Published: 2021-03-26

Updated: 2021-03-29

Summary

Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter.

Vulnerable Configurations

Part	Description	Count
Application	Gridx_Project Gridx Project Gridx 1.3	1

References

http://mayoterry.com/file/cve/Remote_Code_Execution_Vulnerability_in_gridx_latest_version.pdf
https://github.com/oria/gridx/issues/433