exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files

Ignition 2.5.1 Remote Code Execution
Posted Apr 7, 2021
Authored by cfreal

Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel versions prior to 8.4.2.

tags | exploit, remote, arbitrary
advisories | CVE-2021-3129
MD5 | f2749663416c9f45e752a3213c8cb2d6

Related Files

Laravel 8.4.2 Remote Code Execution
Posted Jan 14, 2021
Authored by SunCSR

Laravel version 8.4.2 suffers from a debug mode remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 777a54e04861b26de13d508208e0dd5b
Laravel Nova 3.7.0 Denial Of Service
Posted Dec 4, 2020
Authored by iqzer0

Laravel Nova version 3.7.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 4e26aa9f540347a3c4d968f913015acb
Laravel Administrator 4 File Upload
Posted Nov 27, 2020
Authored by Xavi Beltran, Victor Campos

Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability.

tags | exploit, file upload
advisories | CVE-2020-10963
MD5 | b32ad26683689ce39aae3cd95365fc83
PHP Laravel Framework Token Unserialize Remote Command Execution
Posted Jul 15, 2019
Authored by aushack, Stale Pettersen | Site metasploit.com

This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.

tags | exploit, remote, web, php, vulnerability
advisories | CVE-2017-16894, CVE-2018-15133
MD5 | 7094c48d642dbb2c66067663c6ef39d9
Laravel Log Viewer Local File Download
Posted Mar 26, 2018
Authored by Haboob Team

Laravel Log Viewer versions prior to 0.13.0 suffers from a local file download vulnerability.

tags | exploit, local
advisories | CVE-2018-8947
MD5 | 1e81a04e0c7cc01f16fdaa42c8c9f5e9
Laravel 5.4 Cross Site Scripting
Posted Mar 7, 2017
Authored by MaHDyfo

Laravel version 5.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 22bf207f6f51f8b1b7a97295cc5db267
Laravel 2.1 Hash::make() bcrypt Truncation
Posted Sep 16, 2014
Authored by Pichaya Morimoto

Laravel version 2.1 fails to check length prior to password hash creation allowing for possible hash collisions for secrets over 72 characters.

tags | exploit
MD5 | 9a659860179b16a04dd973d4cb76d967
Ignition 1.3 Code Execution
Posted Dec 30, 2010
Authored by cOndemned

Ignition version 1.3 remote code execution exploit.

tags | exploit, remote, code execution
MD5 | d872b7c4b3beb5da021c5d31d1e73a47
Ignition 1.3 Local File Inclusion
Posted Dec 30, 2010
Authored by cOndemned

Ignition version 1.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 230fd13fd4d0dc135625da7274b9e887
Ignition 1.2 Local File Inclusion
Posted Dec 21, 2009
Authored by cOndemned | Site condemned.r00t.la

Ignition version 1.2 suffers from multiple local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | 74887715ccef038fa9b48a454eea12f0
Ignition 1.2 Code Execution
Posted Aug 15, 2009
Authored by IRCRASH | Site ircrash.com

Ignition version 1.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 285b0171530fcbe343c08797a82cc810
Page 1 of 1
Back1Next

File Archive:

April 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    17 Files
  • 2
    Apr 2nd
    2 Files
  • 3
    Apr 3rd
    2 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    15 Files
  • 7
    Apr 7th
    20 Files
  • 8
    Apr 8th
    16 Files
  • 9
    Apr 9th
    5 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    4 Files
  • 13
    Apr 13th
    8 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close