CVE-2023-34251 — Grav is a flat-file content management system. Versions prior to 1.7.42 are vulnerable to server side template injection. Remote code execution is possible by embedding malicious PHP code on the admin — CVE Database · The Intelligence Room