CVE-2021-3129 – Laravel Ignition File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2021-3129
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2. Ignition versiones anteriores a 2.5.2, como es usado en Laravel y otros productos, permite a atacantes remotos no autenticados ejecutar código arbitrario debido a un uso no seguro de las funciones file_get_contents() y file_put_contents(). Esto es explotable en sitios que usan el modo de depuración con Laravel versiones anteriores a 8.4.2 Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents(). • https://www.exploit-db.com/exploits/49424 https://github.com/zhzyker/CVE-2021-3129 https://github.com/SNCKER/CVE-2021-3129 https://github.com/joshuavanderpoll/CVE-2021-3129 https://github.com/SecPros-Team/laravel-CVE-2021-3129-EXP https://github.com/knqyf263/CVE-2021-3129 https://github.com/Y0s9/CVE-2021-3129 https://github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129 https://github.com/Axianke/CVE-2021-3129 https://github.com/shadowabi/Laravel-CVE-2021-3129 •
CVE-2020-24940
https://notcve.org/view.php?id=CVE-2020-24940
An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment. Se detectó un problema en Laravel versiones anteriores a 6.18.34 y versiones 7.x anteriores a 7.23.2. Los valores no validados se guardan en la base de datos en algunas situaciones en las que los nombres de las tablas son eliminados durante una asignación masiva • https://blog.laravel.com/security-release-laravel-61834-7232 • CWE-20: Improper Input Validation •
CVE-2020-24941
https://notcve.org/view.php?id=CVE-2020-24941
An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions. Se detectó un problema en Laravel versiones anteriores a 6.18.35 y versiones 7.x anteriores a 7.24.0. La propiedad $guarded se maneja inapropiadamente en algunas situaciones que involucran peticiones con expresiones de anidación de columnas JSON • https://blog.laravel.com/security-release-laravel-61835-7240 • CWE-863: Incorrect Authorization •
CVE-2019-17494
https://notcve.org/view.php?id=CVE-2019-17494
laravel-bjyblog 6.1.1 has XSS via a crafted URL. laravel-bjyblog versión 6.1.1, presenta una vulnerabilidad de tipo XSS por medio de una URL especialmente diseñada. • https://github.com/baijunyao/laravel-bjyblog/issues/118 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-17433
https://notcve.org/view.php?id=CVE-2019-17433
z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen. z-song laravel-admin versión 1.7.3, presenta una vulnerabilidad de tipo XSS por medio de Slug o Name en la pantalla Roles, debido a un manejo inapropiado en la pantalla "Operation log". • https://github.com/z-song/laravel-admin/issues/3847 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •