CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 4CVE-2021-43617 – PHP Laravel 8.70.1 - Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2021-43617
Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload. Laravel Framework hasta la versión 8.70.2 no bloquea suficientemente la subida de contenido PHP ejecutable porque Illuminate/Validation/Concerns/ValidatesAttributes.php carece de una comprobación para los archivos .phar, que se manejan como application/x-httpd-php en sistemas basados en Debian. NOTA: este registro CVE es para Laravel Framework, y no está relacionado con ningún informe sobre aplicaciones de usuario escritas incorrectamente para la carga de imágenes • https://www.exploit-db.com/exploits/50525 https://github.com/kombat1/CVE-2021-43617 https://github.com/Sybelle03/CVE-2021-43617 https://github.com/aweiiy/CVE-2021-43617 https://github.com/laravel/framework/blob/2049de73aa099a113a287587df4cc522c90961f5/src/Illuminate/Validation/Concerns/ValidatesAttributes.php#L1331-L1333 https://salsa.debian.org/php-team/php/-/blob/dc253886b5b2e9bc8d9e36db787abb083a667fd8/debian/php-cgi.conf#L5-6 https://salsa.debian.org/php-team/php/-/commit/dc253886b5b2e9bc8d9e36db787abb083a667fd8 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-6018
https://notcve.org/view.php?id=CVE-2007-6018
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message. IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, y Horde Groupware Webmail Edition 1.0.3 no validan peticiones HTTP no especificadas, lo cual permite a atacantes remotos (1) borrar mensajes de correo electrónico de su elección mediante un ID numérico modificado o (2) "purgar" correos electrónicos eliminados mediante un mensaje de correo electrónico manipulado. • http://cvs.horde.org/diff.php/groupware/docs/groupware/CHANGES?r1=1.17&r2=1.17.2.1&ty=h http://cvs.horde.org/diff.php/groupware/docs/webmail/CHANGES?r1=1.12&r2=1.12.2.1&ty=h http://lists.horde.org/archives/announce/2008/000360.html http://lists.horde.org/archives/announce/2008/000365.html http://lists.horde.org/archives/announce/2008/000366.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://secunia.com/advisories/28020 http:&#x • CWE-264: Permissions, Privileges, and Access Controls •