CVE-2020-24941
https://notcve.org/view.php?id=CVE-2020-24941
An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0. The $guarded property is mishandled in some situations involving requests with JSON column nesting expressions. • https://blog.laravel.com/security-release-laravel-61835-7240 • CWE-863: Incorrect Authorization
CVE-2019-17494
https://notcve.org/view.php?id=CVE-2019-17494
laravel-bjyblog 6.1.1 has XSS via a crafted URL. • https://github.com/baijunyao/laravel-bjyblog/issues/118 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-17433
https://notcve.org/view.php?id=CVE-2019-17433
z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles screen, because of mishandling on the "Operation log" screen. • https://github.com/z-song/laravel-admin/issues/3847 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2018-6330
https://notcve.org/view.php?id=CVE-2018-6330
Laravel 5.4.15 is vulnerable to error-based SQL injection in save.php via the dhx_user and dhx_version parameters. • http://www.itblog.gbonanno.de/cve-2018-6330-laravel-sql-injection https://github.com/laravel/framework/blob/5.4/CHANGELOG-5.4.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-15133 – Laravel Deserialization of Untrusted Data Vulnerability
https://notcve.org/view.php?id=CVE-2018-15133
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. • https://www.exploit-db.com/exploits/47129 https://github.com/kozmic/laravel-poc-CVE-2018-15133 https://github.com/AzhariKun/CVE-2018-15133 https://github.com/Bilelxdz/Laravel-CVE-2018-15133 https://github.com/AlienX2001/better-poc-for-CVE-2018-15133 https://github.com/NatteeSetobol/CVE-2018-15133-Lavel-Expliot http://packetstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.html https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30 https://gi • CWE-502: Deserialization of Untrusted Data