What is CVE-2020-19625?

CVE-2020-19625 is a vulnerability in N/a. Published 2021-03-26.

Is CVE-2020-19625 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-19625

Remote Code Execution Vulnerability in tests/support/stores/test_grid_filter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter.

EPSS: 0.857 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/kenzer-templates
Elsfa7-110/kenzer-templates
StarCrossPortal/scalpel
anonymous364872/Rapier_
apif-review/APIF_
apit-review-account/apit-tool
d4n-sec/d4n-sec.github.io
youcans896768/APIV_

References

github.com/oria/gridx/issues/433 (x_refsource_MISC)
mayoterry.com/file/cve/Remote_Code_Execution_Vulnerability_in_gridx_latest_vers… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-19625?: CVE-2020-19625 is a vulnerability in N/a. Published 2021-03-26.
Is CVE-2020-19625 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.